Vulnerabilities related to CODESYS - CODESYS Safety SIL2 PSP
cve-2022-47387
Vulnerability from cvelistv5
Published
2023-05-15 09:54
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.968Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47387",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:24.928624Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:07.443Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:54:41.625Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47387",
      datePublished: "2023-05-15T09:54:41.625Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T19:00:07.443Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47386
Vulnerability from cvelistv5
Published
2023-05-15 09:49
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.972Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47386",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:28.058624Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:14.509Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:49:04.949Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47386",
      datePublished: "2023-05-15T09:49:04.949Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:14.509Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47378
Vulnerability from cvelistv5
Published
2023-05-15 09:30
Modified
2025-03-05 19:01
Summary
Multiple CODESYS products in multiple versions are prone to an improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.987Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47378",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:10.260425Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:01:14.095Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Ramin Nafisi, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.",
                  },
               ],
               value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:30:22.173Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47378",
      datePublished: "2023-05-15T09:30:22.173Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:01:14.095Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47383
Vulnerability from cvelistv5
Published
2023-05-15 09:44
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.949Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47383",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:37.721047Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:34.790Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:44:53.440Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47383",
      datePublished: "2023-05-15T09:44:53.440Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:34.790Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47385
Vulnerability from cvelistv5
Published
2023-05-15 09:47
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.825Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47385",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:31.034306Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:21.424Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:47:18.175Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47385",
      datePublished: "2023-05-15T09:47:18.175Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:21.424Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47393
Vulnerability from cvelistv5
Published
2023-05-15 10:03
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.190Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47393",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:02.605164Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:25.695Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.",
                  },
               ],
               value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T10:03:58.680Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to improperly restricted memory operations",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47393",
      datePublished: "2023-05-15T10:03:58.680Z",
      dateReserved: "2022-12-14T06:03:27.266Z",
      dateUpdated: "2025-03-05T18:59:25.695Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47379
Vulnerability from cvelistv5
Published
2023-05-15 09:33
Modified
2025-03-05 19:01
Summary
An authenticated, remote attacker may use an out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.032Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47379",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:54.742167Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:01:07.355Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:33:41.697Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47379",
      datePublished: "2023-05-15T09:33:41.697Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:01:07.355Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47390
Vulnerability from cvelistv5
Published
2023-05-15 09:58
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.994Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47390",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:15.103519Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:40.115Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:58:21.588Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47390",
      datePublished: "2023-05-15T09:58:21.588Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:40.115Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47391
Vulnerability from cvelistv5
Published
2023-05-15 09:59
Modified
2025-01-23 19:19
Summary
In multiple CODESYS products in multiple versions, an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses, leading to a denial of service.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS Edge Gateway for Windows Version: V0.0.0.0   
   CODESYS CODESYS Gateway Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   
   CODESYS CODESYS Edge Gateway for Linux Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.901Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47391",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-23T19:18:44.576335Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-23T19:19:22.826Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.",
                  },
               ],
               value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:59:52.803Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47391",
      datePublished: "2023-05-15T09:59:52.803Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-01-23T19:19:22.826Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47392
Vulnerability from cvelistv5
Published
2023-05-15 10:01
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
Impacted products
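Vendor Product Version (start of the affected range; per the record below, affected before V3.5.19.0, or before V4.8.0.0 for the "CODESYS Control for … SL" products)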
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.701Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47392",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:06.722632Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:32.783Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.",
                  },
               ],
               value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T10:01:09.224Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47392",
      datePublished: "2023-05-15T10:01:09.224Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:32.783Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47388
Vulnerability from cvelistv5
Published
2023-05-15 09:56
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
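Vendor Product Version (start of the affected range; per the record below, affected before V3.5.19.0, or before V4.8.0.0 for the "CODESYS Control for … SL" products)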
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.136Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47388",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:20.872432Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:57.472Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:56:43.518Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47388",
      datePublished: "2023-05-15T09:56:43.518Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:57.472Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47381
Vulnerability from cvelistv5
Published
2023-05-15 09:41
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.946Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47381",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:45.557305Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:50.181Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:41:51.613Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47381",
      datePublished: "2023-05-15T09:41:51.613Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:50.181Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47389
Vulnerability from cvelistv5
Published
2023-05-15 09:57
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.296Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47389",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:17.996509Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:49.436Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:57:37.177Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47389",
      datePublished: "2023-05-15T09:57:37.177Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:49.436Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47384
Vulnerability from cvelistv5
Published
2023-05-15 09:46
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.031Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47384",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:34.304512Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:27.725Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:46:29.134Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47384",
      datePublished: "2023-05-15T09:46:29.134Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:27.725Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47380
Vulnerability from cvelistv5
Published
2023-05-15 09:40
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
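Vendor Product Version (the version shown is the start of each affected range, not a single affected release; per the record below, releases before V3.5.19.0 are affected, or before V4.8.0.0 for the "CODESYS Control for … SL" products)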
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0
   CODESYS CODESYS Development System V3 Version: V0.0.0.0
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.019Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47380",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:50.342923Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:59.205Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:40:44.538Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47380",
      datePublished: "2023-05-15T09:40:44.538Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:59.205Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47382
Vulnerability from cvelistv5
Published
2023-05-15 09:42
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
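Vendor Product Version (the version shown is the start of each affected range, not a single affected release; the end of each range is the lessThan value in the record's affected entries below)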
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0
   CODESYS CODESYS Development System V3 Version: V0.0.0.0
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.019Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47382",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:40.954048Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:42.862Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:42:48.212Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47382",
      datePublished: "2023-05-15T09:42:48.212Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:42.862Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}