Vulnerabilities related to codesys - control_runtime_system_toolkit
Vulnerability from fkie_nvd
Published
2021-08-03 16:15
Modified
2024-11-21 06:14
Summary
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:beaglebone_sl:*:*",
                     matchCriteriaId: "57DD6E2E-9B12-4C30-9CCF-26C5EFCFC0EA",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:empc-a\\/imx6_sl:*:*",
                     matchCriteriaId: "79E8DFCC-74F7-4B0D-A476-D13CBB32EDEF",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:iot2000_sl:*:*",
                     matchCriteriaId: "58160302-830A-463B-AE5F-782B01893F40",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:linux_sl:*:*",
                     matchCriteriaId: "2E740918-B35E-4583-8580-046A7C7F3113",
                     versionEndIncluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:pfc100_sl:*:*",
                     matchCriteriaId: "F00E63D5-8CA2-4082-B522-4B0C51772A4C",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:pfc200_sl:*:*",
                     matchCriteriaId: "6890F3F3-6DF2-4D0C-A431-B3705900E1EB",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:plcnext_sl:*:*",
                     matchCriteriaId: "7D6CA947-A0F3-4F45-804B-BAD4BD24CBC4",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:raspberry_pi_sl:*:*",
                     matchCriteriaId: "1545D5A9-739E-4C36-933A-B87A3D593A22",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:wago_touch_panels_600_sl:*:*",
                     matchCriteriaId: "7D0A2D1F-F297-4D5D-8FB1-1C80297E91A1",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:-:*:*",
                     matchCriteriaId: "102C898A-8CA9-4C6E-AAAD-ED947F6DCEA2",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "C629084B-E59E-4FA4-A866-7F2FE8C6D26B",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48B1957E-472D-4A21-A8FC-DF2AF0C118F5",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FBCFD26C-0262-4D2B-99CA-E7EA0E6B75E3",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B640C5A9-8241-4191-87F6-E31D6902702E",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9116B38E-7B7C-48DB-B742-A8741EB63892",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86F931B-F172-4B00-B484-48048756655F",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.",
      },
      {
         lang: "es",
         value: "En CODESYS V3 web server versiones anteriores a 3.5.17.10, los archivos o directorios son accesibles para las partes externas",
      },
   ],
   id: "CVE-2021-36763",
   lastModified: "2024-11-21T06:14:02.597",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-08-03T16:15:08.657",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-552",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
Multiple CODESYS products in multiple versions are prone to an improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability, leading to a denial-of-service condition.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.",
      },
   ],
   id: "CVE-2022-47378",
   lastModified: "2024-11-21T07:31:51.643",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.460",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 11:15
Modified
2024-11-21 08:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different from CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\n\n",
      },
   ],
   id: "CVE-2023-37545",
   lastModified: "2024-11-21T08:11:54.430",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T11:15:09.837",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-09-13 17:15
Modified
2024-11-21 04:25
Summary
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
References
ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-255-01 | Mitigation, Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-255-01 | Mitigation, Patch, Third Party Advisory, US Government Resource



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC95996F-4E60-4CCE-BC7D-2F998969455D",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCE0D6F6-86D9-488A-A02B-48F4BD6F67D4",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08C05889-826B-411F-AD6A-F18C432A3B1F",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "225A5B49-7DB5-4B80-A560-5BEE65A7FC3D",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E6DD82E-5047-4E7B-8C73-3BF8FD112F3A",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "47A9B7EB-229C-4A23-9BB7-72A5ABD61279",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43092C73-1302-4915-B2BC-59058FF61EFA",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9392852-7BEF-402C-9ED4-2D7D40955311",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB77946F-7038-40FD-8204-B777ED0E59D2",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1CB113B-1207-43D9-A999-42B08AD50EB2",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE519838-FADF-43EA-9723-9283C0E18E85",
                     versionEndIncluding: "3.5.12.80",
                     versionStartIncluding: "3.5.9.80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3466070E-1377-4272-AC73-717B9DEC144C",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07A7C9E7-ABF4-4C29-AF16-E697E35CFFC7",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD2CDAC2-F8EB-45F4-82E2-5E5601F49D8A",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.5.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1AC3C628-281A-4E8E-ADE6-4CE976E187D4",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08230AB2-9EA0-4F98-8CE5-0A9ADB2B2334",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.",
      },
      {
         lang: "es",
         value: "El servidor web de CODESYS V3, todas las versiones anteriores a 3.5.14.10, permite a un atacante enviar peticiones http o https especialmente diseñadas que pueden conceder el acceso a archivos fuera del directorio de trabajo restringido del controlador.",
      },
   ],
   id: "CVE-2019-13532",
   lastModified: "2024-11-21T04:25:05.470",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-09-13T17:15:11.617",
   references: [
      {
         source: "ics-cert@hq.dhs.gov",
         tags: [
            "Mitigation",
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
      },
   ],
   sourceIdentifier: "ics-cert@hq.dhs.gov",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "ics-cert@hq.dhs.gov",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple CODESYS products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extension to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple CODESYS products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extension to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.",
      },
      {
         lang: "es",
         value: "En múltiples productos CODESYS en múltiples versiones, después de una autenticación exitosa como usuario, las solicitudes de comunicación de red especialmente diseñadas pueden utilizar el componente CmpApp para descargar archivos con cualquier extensión de archivo al controlador. A diferencia de la descarga de archivos normal a través de CmpFileTransfer, aquí no se realiza ningún filtrado de determinados tipos de archivos. Como resultado, la integridad del sistema de ejecución de control CODESYS puede verse comprometida por los archivos cargados en el controlador.",
      },
   ],
   id: "CVE-2023-37551",
   lastModified: "2024-11-21T08:11:55.417",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.257",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-552",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47384",
   lastModified: "2024-11-21T07:31:52.427",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.863",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-05-03 14:15
Modified
2024-11-21 06:00
Summary
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C182D390-3A29-4048-805B-F00AF40E7353",
                     versionEndExcluding: "4.0.1.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4FE1E73E-5A65-4C33-973D-B5E4D997AC7A",
                     versionEndExcluding: "4.0.1.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94EF5004-D1D7-449D-9D99-92FC273FFF1F",
                     versionEndExcluding: "4.0.1.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E9AF0BE-05EC-4411-802B-331EA6B0E54E",
                     versionEndExcluding: "4.0.1.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "83B749C0-A553-42AB-AFCF-91F990BAA765",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C13DE019-B415-4373-8FC2-54A2898F50EA",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "763C9946-EFD7-469C-9D40-4186FE650F6F",
                     versionEndExcluding: "4.0.1.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "035E43A5-7350-4B06-B3AA-40DD3A673BA7",
                     versionEndExcluding: "3.5.16.70",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B35F55F6-2032-4F5A-AC3A-76835C043D7E",
                     versionEndExcluding: "3.5.16.70",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "02017CB2-3E3C-4F89-B1DA-C8E8213BC8C8",
                     versionEndExcluding: "3.5.16.70",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "FFBA19D6-9436-4E14-B9D3-28B82CB0321D",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "671DF92A-D4CB-44E4-B4FD-781D3561FDAB",
                     versionEndExcluding: "3.5.16.70",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).",
      },
      {
         lang: "es",
         value: "CODESYS Gateway 3, en versiones anteriores a 3.5.16.70, tiene una desreferencia de puntero NULL que puede resultar en una denegación de servicio (DoS).",
      },
   ],
   id: "CVE-2021-29241",
   lastModified: "2024-11-21T06:00:51.853",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-05-03T14:15:07.633",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com/security/security-reports.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com/security/security-reports.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47389",
   lastModified: "2024-11-21T07:31:53.053",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:10.243",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products, which leads to a crash.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0588BE-2046-48F8-95E9-338FB009E2FA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45FF3C0B-9043-4E82-A8F3-95CB79D8DAA1",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CB8984E-ED1F-4F52-B016-F08C0D085C64",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "412EBC80-0D9C-419F-9DC3-E2054A8B93B0",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F66AAE46-CCF8-46D6-89AD-5A4461FCECE9",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB1C57CE-152A-44AE-98B8-39E310255C8E",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01A94C91-B155-4A5A-9F0B-F7E04F3B23B5",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BC26CF-75EE-43A2-8A92-E877CAF612F3",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D85A5BC-ADB6-40E4-9434-B57C99185BBA",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC013B85-98C0-4EF0-844C-4C75D1D237D9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A7A44B8-BAC7-47B6-ACDC-015DF54D36BF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "780B6607-72A7-487E-A180-5C9A49BF6355",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "E36291AE-21CB-4ECB-8816-D50712C70E30",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9F1B30B-6D52-40B1-ABD3-5164A76F5447",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C264A88-C41C-400B-9C69-0DBB1CEB9DF9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60E8930A-4C6C-41CE-8BA8-97332DC753FF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "879A9478-54E4-4B6E-A6DC-6DDE1C5E7745",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.",
      },
      {
         lang: "es",
         value: "Un atacante remoto autenticado puede causar una desreferencia de puntero null en el componente CmpSettings de los productos CODESYS afectados, lo que conlleva a un bloqueo",
      },
   ],
   id: "CVE-2022-22513",
   lastModified: "2024-11-21T06:46:55.900",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 3.5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:S/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.073",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple CODESYS products, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different from CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.\n\n",
      },
      {
         lang: "es",
         value: "En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, las solicitudes de comunicación de red específicas con contenido inconsistente pueden causar que el componente CmpAppBP lea internamente desde una dirección inválida, potencialmente conduciendo a una condición de denegación de servicio. Esta vulnerabilidad es diferente de CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 y CVE-2023-37556.",
      },
   ],
   id: "CVE-2023-37554",
   lastModified: "2024-11-21T08:11:55.887",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.530",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47383",
   lastModified: "2024-11-21T07:31:52.300",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.803",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47388",
   lastModified: "2024-11-21T07:31:52.933",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:10.157",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 06:46
Summary
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "194E2F1E-C70A-429E-B61C-B70902A6CDA7",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FEFBC44F-0969-4806-AABD-B02DFEBF8F01",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C405ECA-126C-4110-A18A-787D11377CE6",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7047C70D-268D-45B7-A095-39B5A8345ACB",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38F84368-415F-4C37-A988-C8DB540F1345",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B6F1D2-8408-4172-B3E9-7C276CC71433",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94383C92-CBC7-4941-B06C-00D889316FEF",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1785F440-BA92-4F37-9A72-F4AC971B3B8A",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A320BED3-0F2F-45C0-9D74-8A21158B8ED9",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BF25557-407B-4FD3-9694-92159C8094B8",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BC8B234-3EC0-4737-8E12-CAA349FC7962",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C5905D5-B99C-4995-BEC7-A0E01D9E014B",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34100446-7766-42D7-ACC4-D9C3193797C8",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C7CEA77-B831-4047-BA85-B587DDF25C7C",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.",
      },
   ],
   id: "CVE-2022-22508",
   lastModified: "2024-11-21T06:46:54.870",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.370",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.\n\n",
      },
      {
         lang: "es",
         value: "En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, las solicitudes de comunicación de red específicas con contenido inconsistente pueden causar que el componente CmpAppBP lea internamente desde una dirección inválida, potencialmente llevando a una condición de denegación de servicio. Esta vulnerabilidad es diferente de CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 y CVE-2023-37556.",
      },
   ],
   id: "CVE-2023-37555",
   lastModified: "2024-11-21T08:11:56.037",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.620",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
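An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Note on the CPE data below: this record bounds the `control_for_*_sl` products at 3.5.19.0 and the RTE, Win, HMI, runtime toolkit, development system and Safety SIL2 products at 4.8.0.0. That is the reverse of the version pairing in the CVE-2022-22508 and CVE-2023-37555 records on this page, so the bounds may be swapped; check the fixed versions against the linked vendor advisory before using these ranges for patch decisions.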



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47380",
   lastModified: "2024-11-21T07:31:51.910",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.607",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-05-14 21:15
Modified
2024-11-21 04:59
Summary
An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A5313A0-4D9B-4B1F-B432-F84130717DE7",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9EA03EF-F424-4AC6-AC0B-A284A2553092",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38ECECFA-13C2-459E-B509-5F663E72CDE9",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7BD8B5A-8CD7-463C-82D7-06F6DE7E6DB0",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CC12843-4775-46BF-BB7F-35D7A4825027",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "84E46BF9-F5A0-4C09-BE2B-486263D89E85",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C17614A6-F334-4955-824D-A237A9672ECD",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFAF3E76-D917-48FA-BE80-7CEF592359F3",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "977B88F5-FA46-41A6-B65E-034EEBA19755",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6E1A555-20F2-4C1D-824C-9BFE5A8C1184",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "03FB53F8-F076-41FB-B556-077F99584B76",
                     versionEndExcluding: "3.5.16.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2B23429-F3C9-4414-A3C8-FDEA5D0DFE96",
                     versionEndExcluding: "3.5.16.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.",
      },
      {
         lang: "es",
         value: "Se detectó un problema en CODESYS Development System versiones anteriores a 3.5.16.0. CODESYS WebVisu y CODESYS Remote TargetVisu son susceptibles a una escalada de privilegios.",
      },
   ],
   id: "CVE-2020-12068",
   lastModified: "2024-11-21T04:59:12.677",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 6.4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-05-14T21:15:13.260",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Product",
         ],
         url: "https://www.codesys.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://www.codesys.com",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-07-11 11:15
Modified
2024-11-21 07:03
Summary
In CmpBlkDrvTcp of CODESYS V3, in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5D6E827-7AD1-4248-82E6-C879771A2FBA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E07464D3-D8E5-45CC-8703-B445A866F015",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD1474A7-A282-4929-A9E4-721322DCAE15",
                     versionEndExcluding: "4.6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0BCA34-FE68-4933-B189-746D2DA3E062",
                     versionEndExcluding: "4.6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "966AEA54-4939-4C84-8D8B-7C70D361555B",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A33E4442-F316-439F-83BD-047A34EF6E14",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AC245C1-F19D-417A-801E-D08B0ED81651",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1A0B9C6-534C-4D2C-BC62-620786CE748F",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "22F16730-93D3-41D4-B5D0-F507BC2D5A03",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05792C1C-C4BB-4084-96A3-69544076F944",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "6C919501-6AFE-4D4C-84EF-C6AF30EBB769",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "E36291AE-21CB-4ECB-8816-D50712C70E30",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26B19D43-1A55-45E5-9C0A-00E9487B4282",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "73C1F863-AAC0-446A-98E1-436916DA66B9",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C26E9A35-AEB3-4856-8410-989D422A6D95",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26CA4951-7DD0-4477-8C36-EC07191CAC8F",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In CmpBlkDrvTcp of CODESYS V3, in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.",
      },
      {
         lang: "es",
         value: "En CmpBlkDrvTcp de CODESYS versión V3 en múltiples versiones un consumo no controlado de recursos permite a un atacante no autorizado bloquear nuevas conexiones TCP. Las conexiones existentes no están afectadas",
      },
   ],
   id: "CVE-2022-30791",
   lastModified: "2024-11-21T07:03:23.800",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Secondary",
         },
      ],
   },
   published: "2022-07-11T11:15:08.177",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel being closed.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0588BE-2046-48F8-95E9-338FB009E2FA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45FF3C0B-9043-4E82-A8F3-95CB79D8DAA1",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CB8984E-ED1F-4F52-B016-F08C0D085C64",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "412EBC80-0D9C-419F-9DC3-E2054A8B93B0",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F66AAE46-CCF8-46D6-89AD-5A4461FCECE9",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB1C57CE-152A-44AE-98B8-39E310255C8E",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01A94C91-B155-4A5A-9F0B-F7E04F3B23B5",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BC26CF-75EE-43A2-8A92-E877CAF612F3",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D85A5BC-ADB6-40E4-9434-B57C99185BBA",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC013B85-98C0-4EF0-844C-4C75D1D237D9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25737EE6-531E-4241-AA40-856388A2E333",
                     versionEndExcluding: "3.5.18.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "780B6607-72A7-487E-A180-5C9A49BF6355",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "E36291AE-21CB-4ECB-8816-D50712C70E30",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9F1B30B-6D52-40B1-ABD3-5164A76F5447",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C264A88-C41C-400B-9C69-0DBB1CEB9DF9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60E8930A-4C6C-41CE-8BA8-97332DC753FF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "879A9478-54E4-4B6E-A6DC-6DDE1C5E7745",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel being closed.",
      },
      {
         lang: "es",
         value: "Un atacante remoto no autenticado puede interrumpir los canales de comunicación presentes entre los productos CODESYS al adivinar un ID de canal válido e inyectando paquetes. Esto hace que el canal de comunicación sea cerrado",
      },
   ],
   id: "CVE-2022-22517",
   lastModified: "2024-11-21T06:46:56.430",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.300",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-334",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-330",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 11:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address, which can lead to a denial-of-service condition.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.",
      },
   ],
   id: "CVE-2022-47392",
   lastModified: "2024-11-21T07:31:53.433",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T11:15:08.750",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n",
      },
   ],
   id: "CVE-2023-37546",
   lastModified: "2024-11-21T08:11:54.597",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:09.790",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n",
      },
      {
         lang: "es",
         value: "En muchos productos Codesys en múltiples versiones, después de una autenticación exitosa como usuario, solicitudes de comunicación de red específicas diseñadas con contenido inconsistente pueden hacer que el componente CmpApp lea internamente desde una dirección no válida, lo que podría conducir a una condición de denegación de servicio. Esta vulnerabilidad es diferente a CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 y CVE-2023-37549.",
      },
   ],
   id: "CVE-2023-37550",
   lastModified: "2024-11-21T08:11:55.243",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.170",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558",
      },
      {
         lang: "es",
         value: "Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación de red específicas diseñadas con contenido inconsistente pueden hacer que el componente CmpAppForce lea internamente desde una dirección no válida, lo que podría conducir a una condición de denegación de servicio. Esta vulnerabilidad es diferente a CVE-2023-37558",
      },
   ],
   id: "CVE-2023-37559",
   lastModified: "2024-11-21T08:11:56.653",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.977",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47385",
   lastModified: "2024-11-21T07:31:52.550",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.927",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 13:15
Modified
2024-11-21 07:34
Summary
In multiple versions of CODESYS Control, an improper restriction of operations within the bounds of a memory buffer allows a remote attacker with user privileges to gain full access to the device.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2390BDA5-FC7C-43F2-A6D0-098DE49E8092",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07DC0FD5-57BB-41CD-9FFD-36FEC5573BFB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2276F0-8EF2-4CEA-9A75-010D31F8D76C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB41ACE5-0064-4BBC-AEF7-2A89D21EEA83",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D23780DF-5CF3-4D88-83A4-D5D0E6BF7274",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CAF552D-E704-4979-9335-6290F11D6EA9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "31A0FF97-A6E5-4339-B68A-E1F76A24D50E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC1C54A7-686C-433C-91B0-B84720ABFC81",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1B0A7F9-9F70-4217-AF38-14E9F9F7CDDB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2102923-8711-4D2C-BF3E-870AC1D8F2AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "98918E65-854F-4719-8419-79578C5F9EAD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07750392-D8FF-413D-82F9-55B9F2F12B55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE76A4D8-070C-45D7-AF3B-12FFD6BD73E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23B980AB-A690-43C0-A117-929C4AD7A2DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.",
      },
   ],
   id: "CVE-2022-4046",
   lastModified: "2024-11-21T07:34:30.347",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T13:15:09.627",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-025/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-025/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0588BE-2046-48F8-95E9-338FB009E2FA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45FF3C0B-9043-4E82-A8F3-95CB79D8DAA1",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CB8984E-ED1F-4F52-B016-F08C0D085C64",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "412EBC80-0D9C-419F-9DC3-E2054A8B93B0",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F66AAE46-CCF8-46D6-89AD-5A4461FCECE9",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB1C57CE-152A-44AE-98B8-39E310255C8E",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01A94C91-B155-4A5A-9F0B-F7E04F3B23B5",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BC26CF-75EE-43A2-8A92-E877CAF612F3",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D85A5BC-ADB6-40E4-9434-B57C99185BBA",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC013B85-98C0-4EF0-844C-4C75D1D237D9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25737EE6-531E-4241-AA40-856388A2E333",
                     versionEndExcluding: "3.5.18.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "780B6607-72A7-487E-A180-5C9A49BF6355",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "E36291AE-21CB-4ECB-8816-D50712C70E30",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9F1B30B-6D52-40B1-ABD3-5164A76F5447",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C264A88-C41C-400B-9C69-0DBB1CEB9DF9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60E8930A-4C6C-41CE-8BA8-97332DC753FF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "879A9478-54E4-4B6E-A6DC-6DDE1C5E7745",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.",
      },
      {
         lang: "es",
         value: "Un atacante remoto autentificado puede obtener acceso a un puntero desreferenciado contenido en una solicitud. Los accesos pueden llevar posteriormente a la sobreescritura local de la memoria en el CmpTraceMgr, por lo que el atacante no puede obtener los valores leídos internamente ni controlar los valores a escribir. Si se accede a una memoria no válida, se produce un fallo",
      },
   ],
   id: "CVE-2022-22514",
   lastModified: "2024-11-21T06:46:56.033",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.9,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4.2,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.133",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-822",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-24 20:15
Modified
2024-11-21 05:36
Summary
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E5BF9F-79C9-48D3-9F2D-CCDF73144FCA",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "221CAFE3-1BC7-4CAC-B3F8-981B3F267CFE",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B048CEB-E1D0-4EF1-9BD3-966CB9E147D8",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A72217A3-4591-4C52-AB37-7FD652276569",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EFD6C4-C1AC-45D7-909F-6B074B32090E",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C1B75F5-F426-4877-9004-1F714B2A4968",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F150E51-4E03-40A8-8099-E5BE13234DD9",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D839D59-8090-4158-A2C2-847DEDD9674D",
                     versionEndExcluding: "3.5.15.30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E278A9AE-5684-4F7E-B253-0F70CA835322",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "650315EF-4AC2-4B5B-A5A1-8ABBE6C398B6",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8C46635-3068-4DDA-8527-2E473763E652",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7F22E48-0C8D-47C2-8C88-F35ED1027465",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.9.80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A487191-D2CD-484B-88D3-C7A1EFD8C19B",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.15.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B3462D2-9AA7-4046-B491-36A2A9970BA7",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F4FCCC9-6069-47D6-AB46-65697F7AE58D",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "375689F5-9B58-491C-BD1C-2CF5C9CEB474",
                     versionEndExcluding: "3.5.15.30",
                     versionStartIncluding: "3.5.9.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.",
      },
      {
         lang: "es",
         value: "CODESYS Control versión V3, Gateway versión V3 y HMI versiones V3 anteriores a 3.5.15.30, permiten una asignación de memoria no controlada que puede resultar en una condición de denegación de servicio remota.",
      },
   ],
   id: "CVE-2020-7052",
   lastModified: "2024-11-21T05:36:34.220",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 4,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-24T20:15:10.970",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-04",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-04",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple CODESYS products, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different from CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\n\n",
      },
      {
         lang: "es",
         value: "En múltiples productos de Codesys en múltiples versiones, después de una autenticación exitosa como usuario, solicitudes específicas de comunicación de red con contenido inconsistente pueden causar que el componente CmpApp lea internamente desde una dirección inválida, potencialmente llevando a una condición de denegación de servicio. Esta vulnerabilidad es diferente de CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 y CVE-2023-37550.",
      },
   ],
   id: "CVE-2023-37549",
   lastModified: "2024-11-21T08:11:55.087",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.083",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47382",
   lastModified: "2024-11-21T07:31:52.177",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.737",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-07-11 11:15
Modified
2024-11-21 07:03
Summary
In CmpChannelServer of CODESYS V3 in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5D6E827-7AD1-4248-82E6-C879771A2FBA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E07464D3-D8E5-45CC-8703-B445A866F015",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD1474A7-A282-4929-A9E4-721322DCAE15",
                     versionEndExcluding: "4.6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD0BCA34-FE68-4933-B189-746D2DA3E062",
                     versionEndExcluding: "4.6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "966AEA54-4939-4C84-8D8B-7C70D361555B",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A33E4442-F316-439F-83BD-047A34EF6E14",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AC245C1-F19D-417A-801E-D08B0ED81651",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1A0B9C6-534C-4D2C-BC62-620786CE748F",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "22F16730-93D3-41D4-B5D0-F507BC2D5A03",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05792C1C-C4BB-4084-96A3-69544076F944",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "6C919501-6AFE-4D4C-84EF-C6AF30EBB769",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "E36291AE-21CB-4ECB-8816-D50712C70E30",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26B19D43-1A55-45E5-9C0A-00E9487B4282",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "73C1F863-AAC0-446A-98E1-436916DA66B9",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C26E9A35-AEB3-4856-8410-989D422A6D95",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26CA4951-7DD0-4477-8C36-EC07191CAC8F",
                     versionEndExcluding: "3.5.18.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In CmpChannelServer of CODESYS V3 in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.",
      },
      {
         lang: "es",
         value: "En CmpChannelServer de CODESYS versión V3 en múltiples versiones un consumo no controlado de recursos permite a un atacante no autorizado bloquear nuevas conexiones de canales de comunicación. Las conexiones existentes no están afectadas",
      },
   ],
   id: "CVE-2022-30792",
   lastModified: "2024-11-21T07:03:23.950",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Secondary",
         },
      ],
   },
   published: "2022-07-11T11:15:08.240",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-07-22 19:15
Modified
2024-11-21 05:06
Summary
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AE57E7D-63C1-470F-A95B-B9DA3A586E04",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B5F06D0-5224-4D76-A856-9AB57BF87D59",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB388FBB-8512-4FCE-A754-A82239A911B9",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "41722BB1-40F6-4D12-9A00-156D04C92097",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E56A636-9DC3-411D-B287-308A2BAC759D",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82614FBA-2612-4FA4-988B-D67E80B5DDA7",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "387FB2B8-5435-4054-94A4-0AE60A42FB0C",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7517E0-0D9C-4AA8-B8A9-7F1420FE4616",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C80CDF5-5264-41CD-A475-E46C3E941F4A",
                     versionEndExcluding: "3.5.16.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:-:*:*",
                     matchCriteriaId: "6097C902-F24A-4408-8E2C-C90F0AB67E13",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "2DDE8129-4CEE-440B-B0D1-29BB93D1ACE8",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CF52B1D-7AF9-4DAD-A8E7-6CB7CC060E08",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E86A4C83-B82D-4D2F-96C6-C8F66B7AB947",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.5.9.80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "890104AC-5CB4-466D-9CC0-F39E8B24BD9D",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CE9850A-47B3-4C37-90C0-FF9516DF025F",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.5.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "31C2638C-D4C4-4C71-A873-E7836802E6FE",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A09DAE1-678B-49A2-88CE-CFF4F514673E",
                     versionEndExcluding: "3.5.16.10",
                     versionStartIncluding: "3.5.9.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.",
      },
      {
         lang: "es",
         value: "El sistema del tiempo de ejecución de Control CODESYS, versiones anteriores a 3.5.16.10, permite una Asignación de Memoria No Controlada",
      },
   ],
   id: "CVE-2020-15806",
   lastModified: "2024-11-21T05:06:13.097",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-07-22T19:15:12.317",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-46",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-46",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is distinct from CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\n\n",
      },
   ],
   id: "CVE-2023-37548",
   lastModified: "2024-11-21T08:11:54.897",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:09.997",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
A remote, unauthenticated attacker can send specifically crafted HTTP or HTTPS requests that cause a buffer over-read, resulting in a crash of the web server of the CODESYS Control runtime system.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0588BE-2046-48F8-95E9-338FB009E2FA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45FF3C0B-9043-4E82-A8F3-95CB79D8DAA1",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CB8984E-ED1F-4F52-B016-F08C0D085C64",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "412EBC80-0D9C-419F-9DC3-E2054A8B93B0",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F66AAE46-CCF8-46D6-89AD-5A4461FCECE9",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB1C57CE-152A-44AE-98B8-39E310255C8E",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01A94C91-B155-4A5A-9F0B-F7E04F3B23B5",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BC26CF-75EE-43A2-8A92-E877CAF612F3",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D85A5BC-ADB6-40E4-9434-B57C99185BBA",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC013B85-98C0-4EF0-844C-4C75D1D237D9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A7A44B8-BAC7-47B6-ACDC-015DF54D36BF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9F1B30B-6D52-40B1-ABD3-5164A76F5447",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60E8930A-4C6C-41CE-8BA8-97332DC753FF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "879A9478-54E4-4B6E-A6DC-6DDE1C5E7745",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.",
      },
      {
         lang: "es",
         value: "Un atacante remoto y no autenticado puede enviar una solicitud HTTP o HTTPS con un diseño específico que provoque una sobrelectura del búfer y provoque un bloqueo del servidor web del sistema de ejecución de CODESYS Control",
      },
   ],
   id: "CVE-2022-22519",
   lastModified: "2024-11-21T06:46:56.703",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.417",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-126",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-08-03 16:15
Modified
2024-11-21 06:08
Summary
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:beaglebone_sl:*:*",
                     matchCriteriaId: "57DD6E2E-9B12-4C30-9CCF-26C5EFCFC0EA",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:empc-a\\/imx6_sl:*:*",
                     matchCriteriaId: "79E8DFCC-74F7-4B0D-A476-D13CBB32EDEF",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:iot2000_sl:*:*",
                     matchCriteriaId: "58160302-830A-463B-AE5F-782B01893F40",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:linux_sl:*:*",
                     matchCriteriaId: "2E740918-B35E-4583-8580-046A7C7F3113",
                     versionEndIncluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:pfc100_sl:*:*",
                     matchCriteriaId: "F00E63D5-8CA2-4082-B522-4B0C51772A4C",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:pfc200_sl:*:*",
                     matchCriteriaId: "6890F3F3-6DF2-4D0C-A431-B3705900E1EB",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:plcnext_sl:*:*",
                     matchCriteriaId: "7D6CA947-A0F3-4F45-804B-BAD4BD24CBC4",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:raspberry_pi_sl:*:*",
                     matchCriteriaId: "1545D5A9-739E-4C36-933A-B87A3D593A22",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control:*:*:*:*:*:wago_touch_panels_600_sl:*:*",
                     matchCriteriaId: "7D0A2D1F-F297-4D5D-8FB1-1C80297E91A1",
                     versionEndExcluding: "4.2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:-:*:*",
                     matchCriteriaId: "102C898A-8CA9-4C6E-AAAD-ED947F6DCEA2",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "C629084B-E59E-4FA4-A866-7F2FE8C6D26B",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "48B1957E-472D-4A21-A8FC-DF2AF0C118F5",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FBCFD26C-0262-4D2B-99CA-E7EA0E6B75E3",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B640C5A9-8241-4191-87F6-E31D6902702E",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9116B38E-7B7C-48DB-B742-A8741EB63892",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C86F931B-F172-4B00-B484-48048756655F",
                     versionEndExcluding: "3.5.17.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.",
      },
      {
         lang: "es",
         value: "CODESYS Control Runtime system versiones anteriores a 3.5.17.10, presenta un Desbordamiento de Buffer en la región Heap de la memoria",
      },
   ],
   id: "CVE-2021-33485",
   lastModified: "2024-11-21T06:08:55.267",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-08-03T16:15:08.583",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use an out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use an out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47379",
   lastModified: "2024-11-21T07:31:51.783",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.530",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-03-26 04:15
Modified
2024-11-21 04:55
Severity ?
Summary
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EA61ACB-5690-42D7-8420-E77E58D5BA4D",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5FB5ED1-0B3C-4426-AC3E-621C230AE38C",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1477C3BF-2636-4D41-B951-CED7CAE6731A",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82047F2C-2D3D-4D6C-9DAE-512BD9639747",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E832FD04-9206-4881-8695-8FA7FE788EE7",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C21D2A80-B830-483F-A748-2F082D369C73",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CD92E41-9C0A-47E0-8B90-181A2ECC4627",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "491C7EFF-D620-40EB-B112-9D0B2AC62B76",
                     versionEndExcluding: "3.5.15.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "75BA05C4-3066-4354-9F99-232D181D0CA6",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "D3281307-8315-42A5-84FD-C683C54B603A",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E095D809-8408-4FEE-874F-1F021EC7E97E",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43EBED50-DFA9-430B-8B3C-8994E2E43470",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.5.9.80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "93ACEEA3-B958-4070-86F0-5C84869A13E7",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4CF0416-A09F-46CF-8285-A46E7F1A2F8C",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.5.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC06C9A-3D60-46FF-BCF4-B1C472DB3850",
                     versionEndExcluding: "3.5.15.40",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.",
      },
      {
         lang: "es",
         value: "El servidor web CODESYS versiones V3 anteriores a 3.5.15.40, como es usado en los sistemas de tiempo de ejecución CODESYS Control, presenta un desbordamiento del búfer.",
      },
   ],
   id: "CVE-2020-10245",
   lastModified: "2024-11-21T04:55:03.253",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 10,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-03-26T04:15:11.533",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-16",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2020-16",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-20 18:15
Modified
2024-11-21 04:33
Severity ?
Summary
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EC6B28E-A811-41B3-8211-5C00F43501B0",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C35E21FB-D148-4295-8F6E-250276198B78",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B3FD146-88C2-4091-9A95-5F1734B4FBC9",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A300E3F-5BF6-455E-ADDC-D7443254F049",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1502A884-95A6-4587-8EFA-82374251CD3A",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "02BEA387-FF44-4AF9-8B80-CD8D6E7F4549",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D16B0FB-C69F-4D02-9598-22ADD027D9AA",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA7D956E-7844-4F3D-BF27-E38E5D2B0A68",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "15CFC3A8-1D5C-486E-97CB-0F38E9874B96",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "02ED0463-8628-488A-B931-683A2C0205B9",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CFF4CBE-6291-479D-BC3C-379C7F7D8337",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4D32C64-2C59-461B-8E33-A4EDF31E886E",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BE3C03-7A36-4AD8-B5E9-BD91BD729B72",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1451AE82-855F-425C-9C30-2B96F4B8F2EC",
                     versionEndExcluding: "3.5.15.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.",
      },
      {
         lang: "es",
         value: "El servidor web CODESYS 3 versiones anteriores a la versión 3.5.15.20, distribuido con los sistemas de tiempo de ejecución CODESYS Control, tiene un desbordamiento de búfer.",
      },
   ],
   id: "CVE-2019-18858",
   lastModified: "2024-11-21T04:33:43.753",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-20T18:15:10.917",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2019-48",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/research/tra-2019-48",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specifically crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "After successful authentication as a user in multiple Codesys products in multiple versions, specifically crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559.",
      },
      {
         lang: "es",
         value: "Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación de red específicas diseñadas con contenido inconsistente pueden hacer que el componente CmpAppForce lea internamente desde una dirección no válida, lo que podría conducir a una condición de denegación de servicio. Esta vulnerabilidad es diferente a CVE-2023-37559",
      },
   ],
   id: "CVE-2023-37558",
   lastModified: "2024-11-21T08:11:56.503",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.890",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of multiple CODESYS products in multiple versions to write data into the stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47387",
   lastModified: "2024-11-21T07:31:52.803",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:10.067",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
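An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Note on the CPE data below: the "Control for … SL" products are bounded at 3.5.19.0 and the RTE, Win, toolkit, HMI, Safety SIL2 and development-system products at 4.8.0.0, which is the reverse of the pattern in the CVE-2023-37553 record on this page (4.10.0.0 and 3.5.19.20 respectively). The two bounds may be transposed, so confirm the affected versions against the linked vendor advisory before relying on these ranges for scanning or patch decisions.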



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47386",
   lastModified: "2024-11-21T07:31:52.683",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.993",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47390",
   lastModified: "2024-11-21T07:31:53.183",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:10.327",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n",
      },
      {
         lang: "es",
         value: "En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, las solicitudes de comunicación de red con contenido inconsistente pueden causar que el componente CmpAppBP lea internamente desde una dirección inválida, potencialmente llevando a una condición de denegación de servicio. Esta vulnerabilidad es diferente de CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 y CVE-2023-37556.",
      },
   ],
   id: "CVE-2023-37553",
   lastModified: "2024-11-21T08:11:55.730",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.443",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 11:15
Modified
2024-11-21 07:31
Summary
An authenticated, remote attacker may use an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.",
      },
   ],
   id: "CVE-2022-47393",
   lastModified: "2024-11-21T07:31:53.560",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T11:15:08.820",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C0588BE-2046-48F8-95E9-338FB009E2FA",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45FF3C0B-9043-4E82-A8F3-95CB79D8DAA1",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CB8984E-ED1F-4F52-B016-F08C0D085C64",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "412EBC80-0D9C-419F-9DC3-E2054A8B93B0",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB585AB5-D0AC-46DC-9723-A0FEFBFB015C",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F6E2A1D-0187-4C71-A87D-48B3EC3D99DD",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A78E493B-6D9E-4196-830C-24BCF25D3D44",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F66AAE46-CCF8-46D6-89AD-5A4461FCECE9",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D5DE9D1-C334-452C-A64B-D74A48017B6D",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB1C57CE-152A-44AE-98B8-39E310255C8E",
                     versionEndExcluding: "4.5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01A94C91-B155-4A5A-9F0B-F7E04F3B23B5",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95BC26CF-75EE-43A2-8A92-E877CAF612F3",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D85A5BC-ADB6-40E4-9434-B57C99185BBA",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC013B85-98C0-4EF0-844C-4C75D1D237D9",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25737EE6-531E-4241-AA40-856388A2E333",
                     versionEndExcluding: "3.5.18.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E9F1B30B-6D52-40B1-ABD3-5164A76F5447",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "60E8930A-4C6C-41CE-8BA8-97332DC753FF",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "879A9478-54E4-4B6E-A6DC-6DDE1C5E7745",
                     versionEndExcluding: "3.5.18.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.",
      },
      {
         lang: "es",
         value: "Un atacante remoto y autentificado podría utilizar el programa de control del sistema de tiempo de ejecución CODESYS Control para utilizar la vulnerabilidad con el fin de leer y modificar el/los archivo/s de configuración de los productos afectados",
      },
   ],
   id: "CVE-2022-22515",
   lastModified: "2024-11-21T06:46:56.173",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4.9,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Secondary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.187",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-668",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-09-13 17:15
Modified
2024-11-21 04:25
Severity ?
Summary
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
References
ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-255-01 | Mitigation, Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-255-01 | Mitigation, Patch, Third Party Advisory, US Government Resource



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC95996F-4E60-4CCE-BC7D-2F998969455D",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCE0D6F6-86D9-488A-A02B-48F4BD6F67D4",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08C05889-826B-411F-AD6A-F18C432A3B1F",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "225A5B49-7DB5-4B80-A560-5BEE65A7FC3D",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E6DD82E-5047-4E7B-8C73-3BF8FD112F3A",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "47A9B7EB-229C-4A23-9BB7-72A5ABD61279",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43092C73-1302-4915-B2BC-59058FF61EFA",
                     versionEndExcluding: "3.5.14.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9392852-7BEF-402C-9ED4-2D7D40955311",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.5.8.60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB77946F-7038-40FD-8204-B777ED0E59D2",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1CB113B-1207-43D9-A999-42B08AD50EB2",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE519838-FADF-43EA-9723-9283C0E18E85",
                     versionEndIncluding: "3.5.12.80",
                     versionStartIncluding: "3.5.9.80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3466070E-1377-4272-AC73-717B9DEC144C",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "07A7C9E7-ABF4-4C29-AF16-E697E35CFFC7",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD2CDAC2-F8EB-45F4-82E2-5E5601F49D8A",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.5.10.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1AC3C628-281A-4E8E-ADE6-4CE976E187D4",
                     versionEndExcluding: "3.5.14.10",
                     versionStartIncluding: "3.5.13.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "08230AB2-9EA0-4F98-8CE5-0A9ADB2B2334",
                     versionEndExcluding: "3.5.12.80",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.",
      },
      {
         lang: "es",
         value: "El servidor web de CODESYS V3, todas las versiones anteriores a 3.5.14.10, permite a un atacante enviar peticiones http o https especialmente diseñadas que podrían causar un desbordamiento de la pila y crear una condición de denegación de servicio o permitir la ejecución de código remota.",
      },
   ],
   id: "CVE-2019-13548",
   lastModified: "2024-11-21T04:25:07.460",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-09-13T17:15:11.693",
   references: [
      {
         source: "ics-cert@hq.dhs.gov",
         tags: [
            "Mitigation",
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Patch",
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
      },
   ],
   sourceIdentifier: "ics-cert@hq.dhs.gov",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-121",
            },
         ],
         source: "ics-cert@hq.dhs.gov",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
In multiple versions of multiple CODESYS products, an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses, leading to a denial of service.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "194E2F1E-C70A-429E-B61C-B70902A6CDA7",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FEFBC44F-0969-4806-AABD-B02DFEBF8F01",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C405ECA-126C-4110-A18A-787D11377CE6",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7047C70D-268D-45B7-A095-39B5A8345ACB",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38F84368-415F-4C37-A988-C8DB540F1345",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B6F1D2-8408-4172-B3E9-7C276CC71433",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94383C92-CBC7-4941-B06C-00D889316FEF",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1785F440-BA92-4F37-9A72-F4AC971B3B8A",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A320BED3-0F2F-45C0-9D74-8A21158B8ED9",
                     versionEndExcluding: "4.7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BF25557-407B-4FD3-9694-92159C8094B8",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BC8B234-3EC0-4737-8E12-CAA349FC7962",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C5905D5-B99C-4995-BEC7-A0E01D9E014B",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34100446-7766-42D7-ACC4-D9C3193797C8",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C7CEA77-B831-4047-BA85-B587DDF25C7C",
                     versionEndExcluding: "3.5.18.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.",
      },
   ],
   id: "CVE-2022-47391",
   lastModified: "2024-11-21T07:31:53.310",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:10.390",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n",
      },
   ],
   id: "CVE-2023-37547",
   lastModified: "2024-11-21T08:11:54.743",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:09.910",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-07 19:15
Modified
2024-11-21 06:46
Summary
A bug in the CmpUserMgr component can lead to security policies being only partially applied. This can result in enabled, anonymous access to components that are part of the applied security policy.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6EFFE98-C633-4C31-9FDA-F88C4CE7A04B",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6492A42C-B284-4981-9DA0-6CCDA56987FD",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "471215BE-80E8-4191-BD3A-863E62FDD021",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C97B5A4-BCA2-4B0F-9A06-676F0AA0D55A",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E50B1160-AC34-435E-8761-92AD66CC20BF",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC0DF7A9-11CA-4622-8C9F-89AB063E26D2",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1320EE2C-DE77-4E23-A7C6-0579886C83B7",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D57C6EB7-AF27-4FEF-9202-4235D28CEA9B",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "96A593C8-0EFE-46F1-B80C-F2FB909FC890",
                     versionEndExcluding: "4.5.0.0",
                     versionStartIncluding: "4.4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9D653AF-79DA-4975-973D-1054069A5D13",
                     versionEndExcluding: "3.5.18.0",
                     versionStartIncluding: "3.5.17.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A bug in the CmpUserMgr component can lead to security policies being only partially applied. This can result in enabled, anonymous access to components that are part of the applied security policy.",
      },
      {
         lang: "es",
         value: "Un error en el componente CmpUserMgr puede conllevar a una aplicación parcial de las políticas de seguridad. Esto puede resultar en un acceso habilitado y anónimo a componentes que forman parte de la política de seguridad aplicada",
      },
   ],
   id: "CVE-2022-22518",
   lastModified: "2024-11-21T06:46:56.580",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 6.4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.5,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Secondary",
         },
      ],
   },
   published: "2022-04-07T19:15:08.357",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-276",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-276",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.\n\n",
      },
      {
         lang: "es",
         value: "En varias versiones de varios productos Codesys, después de una autenticación exitosa como usuario, solicitudes de comunicación de red específicas diseñadas con contenido inconsistente pueden hacer que el componente CmpAppBP lea internamente desde una dirección no válida, lo que podría provocar una condición de denegación de servicio. Esta vulnerabilidad es diferente a CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 y CVE-2023-37555.",
      },
   ],
   id: "CVE-2023-37556",
   lastModified: "2024-11-21T08:11:56.203",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.707",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n",
      },
      {
         lang: "es",
         value: "En varias versiones de varios productos Codesys, después de una autenticación exitosa como usuario, solicitudes de comunicación de red específicas diseñadas con contenido inconsistente pueden hacer que el componente CmpAppBP lea internamente desde una dirección no válida, lo que podría provocar una condición de denegación de servicio. Esta vulnerabilidad es diferente a CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 y CVE-2023-37556.",
      },
   ],
   id: "CVE-2023-37552",
   lastModified: "2024-11-21T08:11:55.577",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.353",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "info@cert.vde.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-08-03 12:15
Modified
2024-11-21 08:11
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D9DB34-C2BD-441F-B8D9-02EFA27BECD8",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74FE662F-5397-4CB7-9243-1E6ED0AAEC29",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8896E77C-EB29-4CB9-BC98-D5A34791A961",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101551-21ED-4409-9932-9EFA225AF20C",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1239AA8-B094-4DA3-82B7-38F85B6C3940",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C248B53C-3C09-4068-9E57-8F9A4D2B7AD0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7995687-1BCD-454D-8546-52B80B5F22B0",
                     versionEndExcluding: "4.10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "297D8781-B331-40B2-BD34-0041A316D5C8",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09CC9B78-B3B4-4D49-9F23-DC5C80D52588",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACDCB65A-1328-422D-99A0-1D0FFE9AC793",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81E2FE85-347D-42DE-9360-D5DB79AAD085",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7DF2418-1EC1-4672-941E-098EBC9BDF4F",
                     versionEndExcluding: "3.5.19.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.",
      },
      {
         lang: "es",
         value: "Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación remota diseñadas específicamente pueden hacer que el componente CmpAppBP sobrescriba un búfer basado en el montón (heap), lo que puede conducir a una condición de denegación de servicio.",
      },
   ],
   id: "CVE-2023-37557",
   lastModified: "2024-11-21T08:11:56.350",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-08-03T12:15:10.797",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1",
                     versionEndExcluding: "3.5.19.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850",
                     versionEndExcluding: "4.8.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
      },
   ],
   id: "CVE-2022-47381",
   lastModified: "2024-11-21T07:31:52.043",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "info@cert.vde.com",
            type: "Primary",
         },
      ],
   },
   published: "2023-05-15T10:15:09.667",
   references: [
      {
         source: "info@cert.vde.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
      },
   ],
   sourceIdentifier: "info@cert.vde.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "info@cert.vde.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-05-03 14:15
Modified
2024-11-21 06:00
Summary
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA5176A-EC2A-4D06-A180-CE7204DBAF92",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "089B01CE-0023-44E9-8149-95A9C8BFC544",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "150D1F73-22B1-4B41-97A0-B02EF5CE92A9",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "11A71DCF-8007-4693-BD0F-22FCD0FC0C62",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADB2C58-D545-451E-BE60-7B989E9EBCEF",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C535337-0082-4C76-B9E9-E0F9EA4D1E36",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADCF1EDB-6FED-4421-BF16-A14EE6EB0505",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DB284A7-76D5-4BD1-972B-751AC0B378D8",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA3C058E-AE70-4E64-B3A0-60DED7A26B18",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D475FB-BF84-4EEE-B096-8B81C2ED36A5",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "64A83FD0-A545-459B-860F-70DE8E4A69DC",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*",
                     matchCriteriaId: "9BFCCFA4-A803-4B5E-BAD5-C26A6FE33A4C",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0224CA62-8670-4135-9A50-5E523D89CB25",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "25458B55-414D-4CB4-BD51-4E4D101BB24A",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "E331194D-C80D-4C81-A332-9F67F6425FD0",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*",
                     matchCriteriaId: "FFBA19D6-9436-4E14-B9D3-28B82CB0321D",
                     versionEndExcluding: "4.1.0.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A59EBA23-C9F0-4A7A-9483-2EB9377023CE",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3954149-77D5-4FEE-B236-578D0ED18592",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A39C361B-514B-423C-B917-2E13935DF1A9",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:opc_server:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E59EF90A-4580-41AD-8DAB-1259C766E230",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:plchandler:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "242B0BB4-1E48-4CD1-AFF3-F96561D2A885",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AB840C-88D7-47CA-8716-0C0F6ABEE8E2",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:safety_sil:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FEF5325B-B72B-46BB-9DCB-F8054621DA6D",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "61972DA3-9423-4C13-98E3-F287BD414A59",
                     versionEndExcluding: "3.5.17.0",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.",
      },
      {
         lang: "es",
         value: "El sistema CODESYS Control Runtime versiones anteriores a 3.5.17.0, presenta una comprobación inapropiada de entrada. Los atacantes pueden enviar paquetes de comunicación diseñados para cambiar el esquema de direccionamiento del enrutador y pueden redireccionar, agregar, eliminar o cambiar paquetes de comunicación de bajo nivel.",
      },
   ],
   id: "CVE-2021-29242",
   lastModified: "2024-11-21T06:00:52.023",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-05-03T14:15:07.667",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com/security/security-reports.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Permissions Required",
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.codesys.com/security/security-reports.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2022-22515
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-16 17:59
Summary
A remote, authenticated attacker could use the control program of the CODESYS Control runtime system to exploit the vulnerability and read and modify the configuration file(s) of the affected products.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3   < V3.5.17.40
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3   < V3.5.17.40
   CODESYS CODESYS Control Win (SL) Version: V3   < V3.5.17.40
   CODESYS CODESYS HMI (SL) Version: V3   < V3.5.17.40
   CODESYS CODESYS Development System V3 Version: V3   < V3.5.17.40
   CODESYS CODESYS Control Runtime System Toolkit Version: V3   < V3.5.17.40
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3   < V3.5.17.40
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3   < V3.5.17.40
   CODESYS CODESYS Control for BeagleBone SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V4   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V4   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.437Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.17.40",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-06-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-668",
                     description: "CWE-668 Exposure of Resource to Wrong Sphere",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-05-12T07:45:29",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "A component of the CODESYS Control runtime system allows read and write access to configuration files",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-06-01T10:00:00.000Z",
               ID: "CVE-2022-22515",
               STATE: "PUBLIC",
               TITLE: "A component of the CODESYS Control runtime system allows read and write access to configuration files",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.17.40",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-668 Exposure of Resource to Wrong Sphere",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22515",
      datePublished: "2022-04-07T18:21:16.280553Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-16T17:59:22.215Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37553
Vulnerability from cvelistv5
Published
2023-08-03 11:04
Modified
2024-10-11 18:10
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.602Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37553",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:05:01.815292Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:10:16.403Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to&nbsp;CVE-2023-37552,&nbsp;CVE-2023-37554,&nbsp;CVE-2023-37555 and&nbsp;CVE-2023-37556.<br><br>",
                  },
               ],
               value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:04:39.061Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Input Validation in CmpAppBP",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37553",
      datePublished: "2023-08-03T11:04:39.061Z",
      dateReserved: "2023-07-07T07:39:16.323Z",
      dateUpdated: "2024-10-11T18:10:16.403Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37552
Vulnerability from cvelistv5
Published
2023-08-03 11:04
Modified
2024-10-11 18:10
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for Linux SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for PFC100 SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for PFC200 SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for PLCnext SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   < V4.10.0.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   < V3.5.19.20
   CODESYS CODESYS Control RTE (SL) Version: 0   < V3.5.19.20
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   < V3.5.19.20
   CODESYS CODESYS Control Win (SL) Version: 0   < V3.5.19.20
   CODESYS CODESYS Development System V3 Version: 0   < V3.5.19.20
   CODESYS CODESYS HMI (SL) Version: 0   < V3.5.19.20
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   < V3.5.19.20


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.508Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37552",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:04:09.376275Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:10:33.714Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,&nbsp;CVE-2023-37554,&nbsp;CVE-2023-37555 and&nbsp;CVE-2023-37556.<br><br>",
                  },
               ],
               value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:04:04.128Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Input Validation in CmpAppBP",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37552",
      datePublished: "2023-08-03T11:04:04.128Z",
      dateReserved: "2023-07-07T07:39:16.323Z",
      dateUpdated: "2024-10-11T18:10:33.714Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22513
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-17 04:29
Summary
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Win (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Gateway Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Edge Gateway for Windows Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS HMI (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Development System V3 Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control for BeagleBone SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Edge Gateway for Linux Version: V4.5.0.0   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.460Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-04-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476 NULL Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-27T05:55:10",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Null Pointer Dereference in multiple CODESYS products can lead to a DoS.",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-04-06T10:00:00.000Z",
               ID: "CVE-2022-22513",
               STATE: "PUBLIC",
               TITLE: "Null Pointer Dereference in multiple CODESYS products can lead to a DoS.",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Gateway",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Windows",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Linux",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-476 NULL Pointer Dereference",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22513",
      datePublished: "2022-04-07T18:21:12.792321Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-17T04:29:14.122Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-30791
Vulnerability from cvelistv5
Published
2022-07-11 10:40
Modified
2024-09-16 16:48
Summary
In CmpBlkDrvTcp of CODESYS V3, in multiple versions, uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3   < V3.5.18.20
   CODESYS CODESYS Control Win (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Gateway Version: V3   < V3.5.18.20
   CODESYS CODESYS Edge Gateway for Windows Version: V3   < V3.5.18.20
   CODESYS CODESYS HMI (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Development System V3 Version: V3   < V3.5.18.10
   CODESYS CODESYS Control Runtime System Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Control for BeagleBone SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Edge Gateway for Linux Version: V3   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:03:38.611Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.10",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-07-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400 Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-11T10:40:38",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
            },
         ],
         source: {
            defect: [
               "CERT@VDE#",
               "64129",
            ],
            discovery: "UNKNOWN",
         },
         title: "CODESYS V3: CmpBlkDrvTcp allows unauthenticated attackers to block all its available TCP connections",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-07-08T06:00:00.000Z",
               ID: "CVE-2022-30791",
               STATE: "PUBLIC",
               TITLE: "CODESYS V3: CmpBlkDrvTcp allows unauthenticated attackers to block all its available TCP connections",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Gateway",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Windows",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.10",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Linux",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400 Uncontrolled Resource Consumption",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
                  },
               ],
            },
            source: {
               defect: [
                  "CERT@VDE#",
                  "64129",
               ],
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-30791",
      datePublished: "2022-07-11T10:40:38.913416Z",
      dateReserved: "2022-05-16T00:00:00",
      dateUpdated: "2024-09-16T16:48:31.565Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37546
Vulnerability from cvelistv5
Published
2023-08-03 11:00
Modified
2024-10-11 18:14
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
Impacted products
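Vendor Product Version (the value shown is the start of the affected range; the exclusive upper bound is the lessThan value for that product in the record below)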
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.484Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37546",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T17:59:33.810402Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:14:28.818Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550<br><br>",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:00:33.624Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37546",
      datePublished: "2023-08-03T11:00:33.624Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:14:28.818Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37548
Vulnerability from cvelistv5
Published
2023-08-03 11:02
Modified
2024-10-11 18:12
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550
Impacted products
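Vendor Product Version (the value shown is the start of the affected range; the exclusive upper bound is the lessThan value for that product in the record below)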
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.432Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37548",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T17:59:49.760916Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:12:26.294Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,&nbsp;CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550<br><br>",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:02:02.224Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37548",
      datePublished: "2023-08-03T11:02:02.224Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:12:26.294Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47379
Vulnerability from cvelistv5
Published
2023-05-15 09:33
Modified
2025-03-05 19:01
Summary
An authenticated, remote attacker may use an out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
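Vendor Product Version (the "Version" value is only the start of each affected range; the upper bound is the `lessThan` value in the record below, e.g. V3.5.19.0 for CODESYS Control Runtime System Toolkit and V4.8.0.0 for CODESYS Control for Linux SL)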
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.032Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47379",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:54.742167Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:01:07.355Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:33:41.697Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47379",
      datePublished: "2023-05-15T09:33:41.697Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:01:07.355Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22514
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-17 03:03
Summary
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.
Impacted products
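Vendor Product Version (each row repeats the record's `version` and `lessThan` fields, which hold the same value here; this presumably means that all versions before that value are affected — confirm against the vendor advisory)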
CODESYS CODESYS Control RTE (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Win (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Gateway Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Edge Gateway for Windows Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS HMI (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Development System V3 Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control for BeagleBone SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Edge Gateway for Linux Version: V4.5.0.0   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.446Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-04-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-822",
                     description: "CWE-822: Untrusted Pointer Dereference",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-27T05:55:11",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Untrusted Pointer Dereference in multiple CODESYS products can lead to a DoS.",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-04-06T10:00:00.000Z",
               ID: "CVE-2022-22514",
               STATE: "PUBLIC",
               TITLE: "Untrusted Pointer Dereference in multiple CODESYS products can lead to a DoS.",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Gateway",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Windows",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Linux",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-822: Untrusted Pointer Dereference",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22514",
      datePublished: "2022-04-07T18:21:14.309072Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-17T03:03:50.086Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47380
Vulnerability from cvelistv5
Published
2023-05-15 09:40
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
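Impacted products (the Version column gives the start of each affected range; the upper bound is the lessThan value for that product in the record below)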
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.019Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47380",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:50.342923Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:59.205Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based&nbsp; out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:40:44.538Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47380",
      datePublished: "2023-05-15T09:40:44.538Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:59.205Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47390
Vulnerability from cvelistv5
Published
2023-05-15 09:58
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
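Vendor Product Version (each row shows only the start of the affected range; the record below marks versions before V3.5.19.0 as affected for the first eight products, and versions before V4.8.0.0 for the "CODESYS Control for … SL" products)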
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.994Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47390",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:15.103519Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:40.115Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:58:21.588Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47390",
      datePublished: "2023-05-15T09:58:21.588Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:40.115Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-30792
Vulnerability from cvelistv5
Published
2022-07-11 10:40
Modified
2024-09-16 23:05
Summary
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3   < V3.5.18.20
   CODESYS CODESYS Control Win (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Gateway Version: V3   < V3.5.18.20
   CODESYS CODESYS Edge Gateway for Windows Version: V3   < V3.5.18.20
   CODESYS CODESYS HMI (SL) Version: V3   < V3.5.18.20
   CODESYS CODESYS Development System V3 Version: V3   < V3.5.18.10
   CODESYS CODESYS Control Runtime System Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3   < V3.5.18.20
   CODESYS CODESYS Control for BeagleBone SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V3   < V4.5.0.0
   CODESYS CODESYS Edge Gateway for Linux Version: V3   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T07:03:38.599Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.10",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.20",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V3",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-07-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400 Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-07-11T10:40:43",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
            },
         ],
         source: {
            defect: [
               "CERT@VDE#",
               "64130",
            ],
            discovery: "UNKNOWN",
         },
         title: "CODESYS: CmpChannelServer, CmpChannelServerEmbedded allow unauthenticated attackers to block all their available communication channels",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-07-08T06:00:00.000Z",
               ID: "CVE-2022-30792",
               STATE: "PUBLIC",
               TITLE: "CODESYS: CmpChannelServer, CmpChannelServerEmbedded allow unauthenticated attackers to block all their available communication channels",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Gateway",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Windows",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.10",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V3.5.18.20",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Linux",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled resource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400 Uncontrolled Resource Consumption",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=",
                  },
               ],
            },
            source: {
               defect: [
                  "CERT@VDE#",
                  "64130",
               ],
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-30792",
      datePublished: "2022-07-11T10:40:43.935648Z",
      dateReserved: "2022-05-16T00:00:00",
      dateUpdated: "2024-09-16T23:05:31.037Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22517
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-16 22:16
Summary
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel being closed.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Win (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Gateway Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Edge Gateway for Windows Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS HMI (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Development System V3 Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control for BeagleBone SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Edge Gateway for Linux Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS OPC DA Server SL Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS PLCHandler Version: V3.5.18.0   < V3.5.18.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.454Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS OPC DA Server SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS PLCHandler",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-04-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel being closed.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-334",
                     description: "CWE-334 Small Space of Random Values",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-07T18:21:19",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Communication Components in multiple CODESYS products vulnerable to communication channel disruption",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-04-06T10:00:00.000Z",
               ID: "CVE-2022-22517",
               STATE: "PUBLIC",
               TITLE: "Communication Components in multiple CODESYS products vulnerable to communication channel disruption",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Gateway",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Windows",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Development System V3",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Edge Gateway for Linux",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS OPC DA Server SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS PLCHandler",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel being closed.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-334 Small Space of Random Values",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22517",
      datePublished: "2022-04-07T18:21:20.091353Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-16T22:16:04.923Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-10245
Vulnerability from cvelistv5
Published
2020-03-26 03:45
Modified
2024-08-04 10:58
Severity ?
Summary
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T10:58:39.676Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/research/tra-2020-16",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-26T03:49:32",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.tenable.com/security/research/tra-2020-16",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-10245",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.tenable.com/security/research/tra-2020-16",
                     refsource: "MISC",
                     url: "https://www.tenable.com/security/research/tra-2020-16",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-10245",
      datePublished: "2020-03-26T03:45:20",
      dateReserved: "2020-03-09T00:00:00",
      dateUpdated: "2024-08-04T10:58:39.676Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37551
Vulnerability from cvelistv5
Published
2023-08-03 11:03
Modified
2024-10-11 18:10
Summary
In multiple versions of multiple CODESYS products, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extension to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.609Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37551",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:01:50.770279Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:10:51.431Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-552",
                     description: "CWE-552 Files or Directories Accessible to External Parties",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:03:37.457Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Files or Directories Accessible to External Parties in CmpApp",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37551",
      datePublished: "2023-08-03T11:03:37.457Z",
      dateReserved: "2023-07-07T07:39:16.323Z",
      dateUpdated: "2024-10-11T18:10:51.431Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37549
Vulnerability from cvelistv5
Published
2023-08-03 11:02
Modified
2024-10-11 18:12
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different from CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.241Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37549",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:01:40.613696Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:12:01.720Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,&nbsp;CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550<br><br>",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:02:33.725Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37549",
      datePublished: "2023-08-03T11:02:33.725Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:12:01.720Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37559
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-11 18:09
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specially crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different from CVE-2023-37558.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.700Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37559",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:07:28.102576Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:09:05.823Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558",
                  },
               ],
               value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:06:56.079Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Validation of Consistency within Input in multiple products",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37559",
      datePublished: "2023-08-03T11:06:56.079Z",
      dateReserved: "2023-07-07T07:39:19.122Z",
      dateUpdated: "2024-10-11T18:09:05.823Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47389
Vulnerability from cvelistv5
Published
2023-05-15 09:57
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.296Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47389",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:17.996509Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:49.436Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:57:37.177Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47389",
      datePublished: "2023-05-15T09:57:37.177Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:49.436Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-4046
Vulnerability from cvelistv5
Published
2023-08-03 12:39
Modified
2024-10-22 19:44
Summary
In CODESYS Control in multiple versions, an improper restriction of operations within the bounds of a memory buffer allows a remote attacker with user privileges to gain full access to the device.


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T01:27:54.486Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-025/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-4046",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-22T19:43:34.142141Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-22T19:44:02.247Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "affected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
            {
               defaultStatus: "affected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     status: "affected",
                     version: "all",
                  },
               ],
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.",
                  },
               ],
               value: "In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T12:39:44.002Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-025/",
            },
         ],
         source: {
            defect: [
               "CERT@VDE#64299",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper memory restrictions fro CODESYS Control",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-4046",
      datePublished: "2023-08-03T12:39:44.002Z",
      dateReserved: "2022-11-17T07:07:09.714Z",
      dateUpdated: "2024-10-22T19:44:02.247Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47383
Vulnerability from cvelistv5
Published
2023-05-15 09:44
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.949Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47383",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:37.721047Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:34.790Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:44:53.440Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47383",
      datePublished: "2023-05-15T09:44:53.440Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:34.790Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47393
Vulnerability from cvelistv5
Published
2023-05-15 10:03
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
Impacted products
Vendor Product Version (lower bound of the affected range; the upper bound is the lessThan value in the record below)
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.190Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47393",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:02.605164Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:25.695Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.",
                  },
               ],
               value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T10:03:58.680Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to improperly restricted memory operations",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47393",
      datePublished: "2023-05-15T10:03:58.680Z",
      dateReserved: "2022-12-14T06:03:27.266Z",
      dateUpdated: "2025-03-05T18:59:25.695Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47378
Vulnerability from cvelistv5
Published
2023-05-15 09:30
Modified
2025-03-05 19:01
Summary
Multiple CODESYS products in multiple versions are prone to an improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability, leading to a denial-of-service condition.
Impacted products
Vendor Product Version (lower bound of the affected range; the upper bound is the lessThan value in the record below)
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.987Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47378",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:10.260425Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:01:14.095Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Ramin Nafisi, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.",
                  },
               ],
               value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:30:22.173Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47378",
      datePublished: "2023-05-15T09:30:22.173Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:01:14.095Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47388
Vulnerability from cvelistv5
Published
2023-05-15 09:56
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:08.136Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47388",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:20.872432Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:57.472Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:56:43.518Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47388",
      datePublished: "2023-05-15T09:56:43.518Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:57.472Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-29242
Vulnerability from cvelistv5
Published
2021-05-03 13:56
Modified
2024-08-03 22:02
Severity ?
Summary
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T22:02:51.582Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.codesys.com/security/security-reports.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-05-03T13:56:06",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.codesys.com/security/security-reports.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-29242",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php",
                  },
                  {
                     name: "https://www.codesys.com/security/security-reports.html",
                     refsource: "MISC",
                     url: "https://www.codesys.com/security/security-reports.html",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-29242",
      datePublished: "2021-05-03T13:56:06",
      dateReserved: "2021-03-25T00:00:00",
      dateUpdated: "2024-08-03T22:02:51.582Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-13532
Vulnerability from cvelistv5
Published
2019-09-13 16:58
Modified
2024-08-04 23:57
Severity ?
Summary
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
References
Impacted products
Vendor Product Version
n/a CODESYS V3 web server Version: all versions prior to 3.5.14.10


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T23:57:39.525Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS V3 web server",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "all versions prior to 3.5.14.10",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-09-13T16:58:21",
            orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            shortName: "icscert",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "ics-cert@hq.dhs.gov",
               ID: "CVE-2019-13532",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS V3 web server",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "all versions prior to 3.5.14.10",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
                     refsource: "MISC",
                     url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
      assignerShortName: "icscert",
      cveId: "CVE-2019-13532",
      datePublished: "2019-09-13T16:58:21",
      dateReserved: "2019-07-11T00:00:00",
      dateUpdated: "2024-08-04T23:57:39.525Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-13548
Vulnerability from cvelistv5
Published
2019-09-13 16:58
Modified
2024-08-04 23:57
Severity ?
Summary
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
References
Impacted products
Vendor Product Version
n/a CODESYS V3 web server Version: all versions prior to 3.5.14.10


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T23:57:39.467Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS V3 web server",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "all versions prior to 3.5.14.10",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-121",
                     description: "STACK-BASED BUFFER OVERFLOW CWE-121",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-09-13T16:58:29",
            orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            shortName: "icscert",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "ics-cert@hq.dhs.gov",
               ID: "CVE-2019-13548",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS V3 web server",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "all versions prior to 3.5.14.10",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "STACK-BASED BUFFER OVERFLOW CWE-121",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
                     refsource: "MISC",
                     url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-01",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
      assignerShortName: "icscert",
      cveId: "CVE-2019-13548",
      datePublished: "2019-09-13T16:58:29",
      dateReserved: "2019-07-11T00:00:00",
      dateUpdated: "2024-08-04T23:57:39.467Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47385
Vulnerability from cvelistv5
Published
2023-05-15 09:47
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control Win (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS HMI (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Development System V3 Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for Linux SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.825Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47385",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:31.034306Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:21.424Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:47:18.175Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47385",
      datePublished: "2023-05-15T09:47:18.175Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:21.424Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47384
Vulnerability from cvelistv5
Published
2023-05-15 09:46
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control Win (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS HMI (SL) Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Development System V3 Version: V0.0.0.0 up to, but not including, V3.5.19.0
CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for Linux SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0 up to, but not including, V4.8.0.0
CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0 up to, but not including, V4.8.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.031Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47384",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:34.304512Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:27.725Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:46:29.134Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47384",
      datePublished: "2023-05-15T09:46:29.134Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:27.725Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37545
Vulnerability from cvelistv5
Published
2023-08-03 10:59
Modified
2024-10-11 18:14
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.338Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37545",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T17:59:27.383050Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:14:47.934Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546,&nbsp;CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550<br><br>",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T10:59:28.961Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37545",
      datePublished: "2023-08-03T10:59:28.961Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:14:47.934Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37550
Vulnerability from cvelistv5
Published
2023-08-03 11:03
Modified
2024-10-11 18:11
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.425Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37550",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:01:46.088420Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:11:18.756Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,&nbsp;CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.<br><br>",
                  },
               ],
               value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:03:09.222Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37550",
      datePublished: "2023-08-03T11:03:09.222Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:11:18.756Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37555
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-09 20:52
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.445Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37555",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-09T20:49:10.954455Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-09T20:52:51.974Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to&nbsp;CVE-2023-37552,&nbsp;CVE-2023-37553,&nbsp;CVE-2023-37554 and&nbsp;CVE-2023-37556.<br><br>",
                  },
               ],
               value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:05:33.660Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Input Validation in CmpAppBP",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37555",
      datePublished: "2023-08-03T11:05:33.660Z",
      dateReserved: "2023-07-07T07:39:19.120Z",
      dateUpdated: "2024-10-09T20:52:51.974Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37556
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-09 20:52
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for IOT2000 SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for Linux SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for PFC100 SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for PFC200 SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for PLCnext SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for Raspberry Pi SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0 (affected before V4.10.0.0)
CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS Control RTE (SL) Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS Control Runtime System Toolkit Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS Control Win (SL) Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS Development System V3 Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS HMI (SL) Version: 0 (affected before V3.5.19.20)
CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0 (affected before V3.5.19.20)


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.852Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37556",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-09T20:49:03.697246Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-09T20:52:36.722Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to&nbsp;CVE-2023-37552,&nbsp;CVE-2023-37553,&nbsp;CVE-2023-37554 and CVE-2023-37555.<br><br>",
                  },
               ],
               value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:05:52.986Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Input Validation in CmpAppBP",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37556",
      datePublished: "2023-08-03T11:05:52.986Z",
      dateReserved: "2023-07-07T07:39:19.120Z",
      dateUpdated: "2024-10-09T20:52:36.722Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47381
Vulnerability from cvelistv5
Published
2023-05-15 09:41
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:06.946Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47381",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:45.557305Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:50.181Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:41:51.613Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47381",
      datePublished: "2023-05-15T09:41:51.613Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:50.181Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-29241
Vulnerability from cvelistv5
Published
2021-05-03 13:17
Modified
2024-08-03 22:02
Severity ?
Summary
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T22:02:51.320Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.codesys.com/security/security-reports.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-12-16T13:55:07",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.codesys.com/security/security-reports.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-29241",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=",
                  },
                  {
                     name: "https://www.codesys.com/security/security-reports.html",
                     refsource: "MISC",
                     url: "https://www.codesys.com/security/security-reports.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-29241",
      datePublished: "2021-05-03T13:17:03",
      dateReserved: "2021-03-25T00:00:00",
      dateUpdated: "2024-08-03T22:02:51.320Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22518
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-17 02:11
Summary
A bug in the CmpUserMgr component can lead to security policies being only partially applied. This can leave anonymous access enabled for components that are part of the applied security policy.


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.478Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-04-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-276",
                     description: "CWE-276 Incorrect Default Permissions",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-05-12T07:45:30",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "A bug in the CODESYS V3 CmpUserMgr component fails to correctly apply a security policy.",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-04-06T10:00:00.000Z",
               ID: "CVE-2022-22518",
               STATE: "PUBLIC",
               TITLE: "A bug in the CODESYS V3 CmpUserMgr component fails to correctly apply a security policy.",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-276 Incorrect Default Permissions",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22518",
      datePublished: "2022-04-07T18:21:21.950776Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-17T02:11:34.421Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-36763
Vulnerability from cvelistv5
Published
2021-08-03 15:49
Modified
2024-08-04 01:01
Severity ?
Summary
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T01:01:58.779Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-08-03T15:49:10",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-36763",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-36763",
      datePublished: "2021-08-03T15:49:10",
      dateReserved: "2021-07-16T00:00:00",
      dateUpdated: "2024-08-04T01:01:58.779Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47386
Vulnerability from cvelistv5
Published
2023-05-15 09:49
Modified
2025-03-05 19:00
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.972Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47386",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:28.058624Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:14.509Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:49:04.949Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47386",
      datePublished: "2023-05-15T09:49:04.949Z",
      dateReserved: "2022-12-14T06:03:27.264Z",
      dateUpdated: "2025-03-05T19:00:14.509Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37557
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-09 20:52
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.379Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37557",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-09T20:48:56.664856Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-09T20:52:16.817Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.",
                  },
               ],
               value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:06:17.884Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Heap-based Buffer Overflow in multiple products",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37557",
      datePublished: "2023-08-03T11:06:17.884Z",
      dateReserved: "2023-07-07T07:39:19.121Z",
      dateUpdated: "2024-10-09T20:52:16.817Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22519
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-17 03:22
Summary
A remote, unauthenticated attacker can send specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Win (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS HMI (SL) Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control Runtime System Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Embedded Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Remote Target Visu Toolkit Version: V3.5.18.0   < V3.5.18.0
   CODESYS CODESYS Control for BeagleBone SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Beckhoff CX9020 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for IOT2000 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Linux SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC100 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PFC200 SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for PLCnext SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for Raspberry Pi SL Version: V4.5.0.0   < V4.5.0.0
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V4.5.0.0   < V4.5.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.378Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Embedded Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Remote Target Visu Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.18.0",
                     status: "affected",
                     version: "V3.5.18.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Beckhoff CX9020 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.5.0.0",
                     status: "affected",
                     version: "V4.5.0.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2022-04-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-126",
                     description: "CWE-126 Buffer Over-read",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-27T05:55:13",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "info@cert.vde.com",
               DATE_PUBLIC: "2022-04-06T10:00:00.000Z",
               ID: "CVE-2022-22519",
               STATE: "PUBLIC",
               TITLE: "Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "CODESYS Control RTE (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control RTE (for Beckhoff CX) SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Win (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS HMI (SL)",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control Runtime System Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Embedded Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Remote Target Visu Toolkit",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V3.5.18.0",
                                          version_value: "V3.5.18.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for BeagleBone SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Beckhoff CX9020 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for emPC-A/iMX6 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for IOT2000 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Linux SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC100 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PFC200 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for PLCnext SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for Raspberry Pi SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "CODESYS Control for WAGO Touch Panels 600 SL",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "V4.5.0.0",
                                          version_value: "V4.5.0.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "CODESYS",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-126 Buffer Over-read",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22519",
      datePublished: "2022-04-07T18:21:23.764420Z",
      dateReserved: "2022-01-03T00:00:00",
      dateUpdated: "2024-09-17T03:22:45.345Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47392
Vulnerability from cvelistv5
Published
2023-05-15 10:01
Modified
2025-03-05 18:59
Summary
An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce components of multiple CODESYS products in multiple versions to read from an invalid address, which can lead to a denial-of-service condition.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.701Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47392",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:06.722632Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T18:59:32.783Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead&nbsp;to a denial-of-service condition.",
                  },
               ],
               value: "An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T10:01:09.224Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47392",
      datePublished: "2023-05-15T10:01:09.224Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T18:59:32.783Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12068
Vulnerability from cvelistv5
Published
2020-05-14 20:29
Modified
2024-08-04 11:48
Severity ?
Summary
An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T11:48:57.839Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.codesys.com",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-05-14T20:29:21",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.codesys.com",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12068",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.codesys.com",
                     refsource: "MISC",
                     url: "https://www.codesys.com",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12068",
      datePublished: "2020-05-14T20:29:21",
      dateReserved: "2020-04-22T00:00:00",
      dateUpdated: "2024-08-04T11:48:57.839Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-33485
Vulnerability from cvelistv5
Published
2021-08-03 15:44
Modified
2024-08-03 23:50
Severity ?
Summary
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:50:42.583Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-08-03T15:44:56",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-33485",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-33485",
      datePublished: "2021-08-03T15:44:56",
      dateReserved: "2021-05-21T00:00:00",
      dateUpdated: "2024-08-03T23:50:42.583Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47382
Vulnerability from cvelistv5
Published
2023-05-15 09:42
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.019Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47382",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:40.954048Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:42.862Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:42:48.212Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47382",
      datePublished: "2023-05-15T09:42:48.212Z",
      dateReserved: "2022-12-14T06:03:27.263Z",
      dateUpdated: "2025-03-05T19:00:42.862Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-15806
Vulnerability from cvelistv5
Published
2020-07-22 18:14
Modified
2024-08-04 13:30
Severity ?
Summary
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T13:30:22.371Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.codesys.com",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/research/tra-2020-46",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-07-22T22:06:10",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.codesys.com",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.tenable.com/security/research/tra-2020-46",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-15806",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.codesys.com",
                     refsource: "MISC",
                     url: "https://www.codesys.com",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=",
                  },
                  {
                     name: "https://www.tenable.com/security/research/tra-2020-46",
                     refsource: "MISC",
                     url: "https://www.tenable.com/security/research/tra-2020-46",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-15806",
      datePublished: "2020-07-22T18:14:43",
      dateReserved: "2020-07-17T00:00:00",
      dateUpdated: "2024-08-04T13:30:22.371Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47387
Vulnerability from cvelistv5
Published
2023-05-15 09:54
Modified
2025-03-05 19:00
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.968Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47387",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-05T18:37:24.928624Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-05T19:00:07.443Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead&nbsp;to a denial-of-service condition, memory overwriting, or remote code execution.",
                  },
               ],
               value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-787",
                     description: "CWE-787 Out-of-bounds Write",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:54:41.625Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to stack based out-of-bounds write",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47387",
      datePublished: "2023-05-15T09:54:41.625Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-03-05T19:00:07.443Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-47391
Vulnerability from cvelistv5
Published
2023-05-15 09:59
Modified
2025-01-23 19:19
Summary
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses leading to a denial of service.
Impacted products
Vendor Product Version
CODESYS CODESYS Control RTE (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   
   CODESYS CODESYS Control Win (SL) Version: V0.0.0.0   
   CODESYS CODESYS Control Runtime System Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: V0.0.0.0   
   CODESYS CODESYS Safety SIL2 PSP Version: V0.0.0.0   
   CODESYS CODESYS Edge Gateway for Windows Version: V0.0.0.0   
   CODESYS CODESYS Gateway Version: V0.0.0.0   
   CODESYS CODESYS HMI (SL) Version: V0.0.0.0   
   CODESYS CODESYS Development System V3 Version: V0.0.0.0   
   CODESYS CODESYS Control for BeagleBone SL Version: V0.0.0.0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for IOT2000 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Linux SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC100 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PFC200 SL Version: V0.0.0.0   
   CODESYS CODESYS Control for PLCnext SL Version: V0.0.0.0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   
   CODESYS CODESYS Edge Gateway for Linux Version: V0.0.0.0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T14:55:07.901Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-47391",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-23T19:18:44.576335Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-23T19:19:22.826Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Safety SIL2 PSP",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Edge Gateway for Windows",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Gateway",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpDevice",
               ],
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Edge Gateway for Linux",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.8.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses leading to a denial of service.",
                  },
               ],
               value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use an improper input validation vulnerability to read from invalid addresses leading to a denial of service.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:59:52.803Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Multiple products prone to Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-47391",
      datePublished: "2023-05-15T09:59:52.803Z",
      dateReserved: "2022-12-14T06:03:27.265Z",
      dateUpdated: "2025-01-23T19:19:22.826Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-7052
Vulnerability from cvelistv5
Published
2020-01-24 19:31
Modified
2024-08-04 09:18
Severity ?
Summary
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T09:18:02.939Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/research/tra-2020-04",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-24T19:31:58",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.tenable.com/security/research/tra-2020-04",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-7052",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.tenable.com/security/research/tra-2020-04",
                     refsource: "MISC",
                     url: "https://www.tenable.com/security/research/tra-2020-04",
                  },
                  {
                     name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
                     refsource: "CONFIRM",
                     url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-7052",
      datePublished: "2020-01-24T19:31:59",
      dateReserved: "2020-01-14T00:00:00",
      dateUpdated: "2024-08-04T09:18:02.939Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-18858
Vulnerability from cvelistv5
Published
2019-11-20 17:04
Modified
2024-08-05 02:02
Severity ?
Summary
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T02:02:39.804Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/research/tra-2019-48",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-11-20T20:07:11",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.tenable.com/security/research/tra-2019-48",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2019-18858",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
                     refsource: "MISC",
                     url: "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf",
                  },
                  {
                     name: "https://www.tenable.com/security/research/tra-2019-48",
                     refsource: "MISC",
                     url: "https://www.tenable.com/security/research/tra-2019-48",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2019-18858",
      datePublished: "2019-11-20T17:04:25",
      dateReserved: "2019-11-11T00:00:00",
      dateUpdated: "2024-08-05T02:02:39.804Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37558
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-11 18:09
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specifically crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.767Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37558",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:07:13.616622Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:09:20.780Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "After successful authentication as a user in multiple Codesys products in multiple versions, specifically crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559.",
                  },
               ],
               value: "After successful authentication as a user in multiple Codesys products in multiple versions, specifically crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:06:36.112Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Validation of Consistency within Input in multiple products",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37558",
      datePublished: "2023-08-03T11:06:36.112Z",
      dateReserved: "2023-07-07T07:39:19.121Z",
      dateUpdated: "2024-10-11T18:09:20.780Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37554
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-11 18:09
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.422Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37554",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T18:05:06.756495Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:09:34.979Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         datePublic: "2023-08-03T10:30:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to&nbsp;CVE-2023-37552,&nbsp;CVE-2023-37553, CVE-2023-37555 and&nbsp;CVE-2023-37556.<br><br>",
                  },
               ],
               value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:05:09.750Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019/",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS Improper Input Validation in CmpAppBP",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37554",
      datePublished: "2023-08-03T11:05:09.750Z",
      dateReserved: "2023-07-07T07:39:16.323Z",
      dateUpdated: "2024-10-11T18:09:34.979Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-22508
Vulnerability from cvelistv5
Published
2023-05-15 09:27
Modified
2025-01-23 19:24
Summary
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
Impacted products
Vendor Product Version
CODESYS V3 CODESYS Control RTE (SL) Version: V0.0.0.0   < V3.5.18.40
   CODESYS V3 CODESYS Control RTE (for Beckhoff CX) SL Version: V0.0.0.0   < V3.5.18.40
   CODESYS V3 CODESYS Control Win (SL) Version: V0.0.0.0   < V3.5.18.40
   CODESYS V3 CODESYS HMI (SL) Version: V0.0.0.0   < V3.5.18.40
   CODESYS V3 CODESYS Control Runtime System Toolkit Version: V0.0.0.0   < V3.5.18.40
   CODESYS V3 CODESYS Control for BeagleBone SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for emPC-A/iMX6 SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for IOT2000 SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for Linux SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for PFC100 SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for PFC200 SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for PLCnext SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for Raspberry Pi SL Version: V0.0.0.0   < V4.7.0.0
   CODESYS V3 CODESYS Control for WAGO Touch Panels 600 SL Version: V0.0.0.0   < V4.7.0.0


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T03:14:55.254Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-22508",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-01-23T19:24:19.962258Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-01-23T19:24:35.687Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpNameServiceServer",
               ],
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V3.5.18.40",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpNameServiceServer",
               ],
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V3.5.18.40",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpNameServiceServer",
               ],
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V3.5.18.40",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpNameServiceServer",
               ],
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V3.5.18.40",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               modules: [
                  "CmpNameServiceServer",
               ],
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V3.5.18.40",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS V3",
               versions: [
                  {
                     lessThan: "V4.7.0.0",
                     status: "affected",
                     version: "V0.0.0.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "icsbob",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.",
                  },
               ],
               value: "Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-05-15T09:27:38.793Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=",
            },
         ],
         source: {
            defect: [
               "CERT@VDE#64333",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS V3: Improper Input Validation",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2022-22508",
      datePublished: "2023-05-15T09:27:38.793Z",
      dateReserved: "2022-01-03T22:35:36.932Z",
      dateUpdated: "2025-01-23T19:24:35.687Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-37547
Vulnerability from cvelistv5
Published
2023-08-03 11:01
Modified
2024-10-11 18:12
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
Impacted products
Vendor Product Version
CODESYS CODESYS Control for BeagleBone SL Version: 0   
   CODESYS CODESYS Control for emPC-A/iMX6 SL Version: 0   
   CODESYS CODESYS Control for IOT2000 SL Version: 0   
   CODESYS CODESYS Control for Linux SL Version: 0   
   CODESYS CODESYS Control for PFC100 SL Version: 0   
   CODESYS CODESYS Control for PFC200 SL Version: 0   
   CODESYS CODESYS Control for PLCnext SL Version: 0   
   CODESYS CODESYS Control for Raspberry Pi SL Version: 0   
   CODESYS CODESYS Control for WAGO Touch Panels 600 SL Version: 0   
   CODESYS CODESYS Control RTE (for Beckhoff CX) SL Version: 0   
   CODESYS CODESYS Control RTE (SL) Version: 0   
   CODESYS CODESYS Control Runtime System Toolkit Version: 0   
   CODESYS CODESYS Control Win (SL) Version: 0   
   CODESYS CODESYS Development System V3 Version: 0   
   CODESYS CODESYS HMI (SL) Version: 0   
   CODESYS CODESYS Safety SIL2 Runtime Toolkit Version: 0   


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T17:16:30.418Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en/advisories/VDE-2023-019",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-37547",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-11T17:59:39.095120Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-11T18:12:55.550Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for BeagleBone SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for emPC-A/iMX6 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for IOT2000 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Linux SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC100 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PFC200 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for PLCnext SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for Raspberry Pi SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control for WAGO Touch Panels 600 SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V4.10.0.0",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (for Beckhoff CX) SL",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control RTE (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Runtime System Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Control Win (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Development System V3",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS HMI (SL)",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "CODESYS Safety SIL2 Runtime Toolkit",
               vendor: "CODESYS",
               versions: [
                  {
                     lessThan: "V3.5.19.20",
                     status: "affected",
                     version: "0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In multiple CODESYS products in multiple versions, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is distinct from CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.<br><br>",
                  },
               ],
               value: "In multiple CODESYS products in multiple versions, after successful authentication as a user, specifically crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is distinct from CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550.\n\n",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20 Improper Input Validation",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-08-03T11:01:10.534Z",
            orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
            shortName: "CERTVDE",
         },
         references: [
            {
               url: "https://cert.vde.com/en/advisories/VDE-2023-019",
            },
         ],
         source: {
            advisory: "VDE-2023-019",
            defect: [
               "CERT@VDE#64558",
            ],
            discovery: "EXTERNAL",
         },
         title: "CODESYS: Improper Input Validation in CmpApp component",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c",
      assignerShortName: "CERTVDE",
      cveId: "CVE-2023-37547",
      datePublished: "2023-08-03T11:01:10.534Z",
      dateReserved: "2023-07-07T07:39:16.322Z",
      dateUpdated: "2024-10-11T18:12:55.550Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}