CNNVD-202512-114 Information

CNNVD ID

CNNVD-202512-114

Related CVE

CVE-2025-41739

• CNNVD Published: 2025-12-01

Description (Chinese)

CODESYS Control是德国CODESYS公司的一套工业控制程序编程软件。 CODESYS Control存在缓冲区错误漏洞，该漏洞源于未经身份验证的远程攻击者可利用竞争条件触发Linux和QNX上CODESYS Control运行时系统的通信服务器中的越界读取，可能导致拒绝服务。

Description (English)

CODESYS Control is an industrial control program program program for CODESYS, Germany. CODESYS Control has a buffer zone error loophole, which stems from the fact that unidentified remote assailants can use competitive conditions to trigger cross-border access to the communications servers of the CODESYS Control system on Linux and QNX, which may lead to the denial of services.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

CODESYS

Published

2025-12-01

Last Modified

2026-02-24

References

https://certvde.com/de/advisories/VDE-2025-099 https://access.redhat.com/security/cve/cve-2025-41739

Patch

https://www.codesys.com/ecosystem/services/download/