{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T16:17:01.922","vulnerabilities":[{"cve":{"id":"CVE-2025-41738","sourceIdentifier":"info@cert.vde.com","published":"2025-12-01T10:16:01.130","lastModified":"2026-02-23T15:42:30.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition."}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"AC30C449-D8D5-4789-875B-770BA22CB50A"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndIncluding":"4.19.0.0","matchCriteriaId":"A00DF2DC-04B9-498C-9AF0-1205A45A104C"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"C245753D-52F6-4B11-8724-8DC05C7149F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"4B16CF88-9B70-4B28-92AB-F5CD49ADE513"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"9D4B874C-2402-4208-85B8-EBC03D092678"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndIncluding":"4.19.0.0","matchCriteriaId":"B0B3369D-A9E4-4362-8A2B-947C6B89C4A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"BA58388A-4084-47CB-8078-2B3405DA3D95"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"15F6992D-80C0-43FE-AFD3-241F1F44B078"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"9F9F69C3-3C0A-4D08-94EE-C9FFD21FD89E"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndIncluding":"4.19.0.0","matchCriteriaId":"53BE2A4B-940C-499C-854F-CD8B99FD4EB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"E36769BE-B465-450C-B584-075E969CE608"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"D8CCA570-A3CE-46CF-BBD1-384DFBD8DA4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"827EB8A7-01B0-4414-A20C-6B2FABF9E384"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"897A1436-7A4E-4AF2-8A62-77DA592321F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:remote_target_visu:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"4E7C54E1-5F4B-4436-BEF7-F86EB783D1F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.18.0","versionEndExcluding":"3.5.21.40","matchCriteriaId":"C5DC5E0B-5D9A-4A6D-8894-97EF707151EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:virtual_control_sl:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0.0","versionEndExcluding":"4.19.0.0","matchCriteriaId":"492FCFE5-1A20-494D-A872-A5FAF463EE30"}]}]}],"references":[{"url":"https://certvde.com/de/advisories/VDE-2025-100","source":"info@cert.vde.com","tags":["Third Party Advisory"]}]}}]}