CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21869
https://notcve.org/view.php?id=CVE-2021-21869
25 Aug 2021 — An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad Engine.plugin ProfileInformation ProfileData de CODESYS GmbH CODESYS Development System versiones 3.5.16 y 3.5.17. Un a... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21868
https://notcve.org/view.php?id=CVE-2021-21868
18 Aug 2021 — An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.get_MissingTypes() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad ObjectManager.plugin Project.get_MissingTypes() de CODESYS GmbH CODESYS Development System versiones 3.5.16 y 3.5.17... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21867
https://notcve.org/view.php?id=CVE-2021-21867
18 Aug 2021 — An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad ObjectManager.plugin ObjectStream.ProfileByteArray de CODESYS GmbH CODESYS Development System versiones 3.5.16 y ... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •