CVE-2025-41739 | CODESYS PLCHandler on Linux/QNX Socket out-of-bounds (VDE-2025-099 / EUVD-2025-199976)

A vulnerability described as critical has been identified in CODESYS PLCHandler, Remote Target Visu, Runtime Toolkit, Control for BeagleBone SL, Control for emPC-A, iMX6 SL, Control for IOT2000 SL, Control for Linux ARM SL, Control for Linux SL, Control for PFC100 SL, Control for PFC200 SL, Control for PLCnext SL, Control for Raspberry Pi SL, Control for WAGO Touch Panels 600 SL, Edge Gateway for Linux, TargetVisu for Linux SL and Virtual Control SL on Linux/QNX. This vulnerability affects unknown code of the component Socket Handler. Such manipulation leads to out-of-bounds read.

This vulnerability is uniquely identified as CVE-2025-41739. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More