Improper Input Validation in CODESYS Control Runtime System Allows Addressing Scheme Manipulation

Improper Input Validation in CODESYS Control Runtime System Allows Addressing Scheme Manipulation

CVE-2021-29242 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.

Learn more about our Web Application Penetration Testing UK.