CVE-2025-41691 | CODESYS Control RTE Communication Request null pointer dereference (VDE-2025-070 / EUVD-2025-23490)

A vulnerability has been found in CODESYS Control RTE, Control RTE SL, Control Win, HMI, Control for BeagleBone SL, Control for emPC-A, iMX6 SL, Control for IOT2000 SL, Control for Linux ARM SL, Control for Linux SL, Control for PFC100 SL, Control for PFC200 SL, Control for PLCnext SL, Control for Raspberry Pi SL, Control for WAGO Touch Panels 600 SL and Virtual Control SL and classified as problematic. This vulnerability affects unknown code of the component Communication Request Handler. The manipulation leads to null pointer dereference.

This vulnerability was named CVE-2025-41691. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More