CVE-2021-29238

CWE-352: CROSS-SITE REQUEST FORGERY
Manipulated files of a CODESYS Web Visualization deployed on a controller can lead to a privilege escalation when the Web Visualization is opened with the CODESYS Automation Server.

Risk Information

  • CVE ID
  • CVE-2021-29238
  • Vendor
  • 3S CODESYS
  • Product
  • CODESYS Automation Server
  • CVSS v3
  • 8.0