Description

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.

INFO

Published Date :

2025-12-01T10:02:33.407Z

Last Modified :

2025-12-01T14:00:28.509Z

Source :

CERTVDE
AFFECTED PRODUCTS

The following products are affected by CVE-2025-41738 vulnerability.

Vendors Products
Codesys
  • Control For Beaglebone Sl
  • Control For Empc-a/imx6 Sl
  • Control For Empc-a\/imx6 Sl
  • Control For Iot2000 Sl
  • Control For Linux Arm Sl
  • Control For Linux Sl
  • Control For Pfc100 Sl
  • Control For Pfc200 Sl
  • Control For Plcnext Sl
  • Control For Raspberry Pi Sl
  • Control For Wago Touch Panels 600 Sl
  • Control Rte
  • Control Rte (sl)
  • Control Rte Sl
  • Control Rte Sl \(for Beckhoff Cx\)
  • Control Win (sl)
  • Control Win Sl
  • Hmi (sl)
  • Hmi Sl
  • Remote Target Visu
  • Runtime Toolkit
  • Virtual Control Sl
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-41738.

URL Resource
https://certvde.com/de/advisories/VDE-2025-100 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact