Vulnerability Description
3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.
CVSS Score
6.5
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Codesys | Plcwinnt | < 2.4.7.54 |
| Codesys | Runtime Toolkit | < 2.4.7.54 |
| Codesys | Sp Realtime Nt | < 2.3.7.28 |
Related Weaknesses (CWE)
References
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12946&token=edd5d8e82Vendor Advisory
- https://www.codesys.comVendor Advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12946&token=edd5d8e82Vendor Advisory
- https://www.codesys.comVendor Advisory
FAQ
What is CVE-2019-19789?
CVE-2019-19789 is a vulnerability with a CVSS score of 6.5 (MEDIUM). 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.
How severe is CVE-2019-19789?
CVE-2019-19789 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19789?
Check the references section above for vendor advisories and patch information. Affected products include: Codesys Plcwinnt, Codesys Runtime Toolkit, Codesys Sp Realtime Nt.