Vulnerabilites related to codesys - safety_sil2_psp
Vulnerability from fkie_nvd
Published
2023-05-15 11:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.", }, ], id: "CVE-2022-47393", lastModified: "2024-11-21T07:31:53.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T11:15:08.820", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47383", lastModified: "2024-11-21T07:31:52.300", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.803", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47380", lastModified: "2024-11-21T07:31:51.910", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.607", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47387", lastModified: "2024-11-21T07:31:52.803", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:10.067", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47381", lastModified: "2024-11-21T07:31:52.043", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.667", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47388", lastModified: "2024-11-21T07:31:52.933", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:10.157", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47386", lastModified: "2024-11-21T07:31:52.683", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.993", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47384", lastModified: "2024-11-21T07:31:52.427", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.863", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47385", lastModified: "2024-11-21T07:31:52.550", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.927", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47382", lastModified: "2024-11-21T07:31:52.177", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.737", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.", }, ], id: "CVE-2022-47378", lastModified: "2024-11-21T07:31:51.643", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "info@cert.vde.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.460", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "info@cert.vde.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 11:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.", }, ], id: "CVE-2022-47392", lastModified: "2024-11-21T07:31:53.433", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T11:15:08.750", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47389", lastModified: "2024-11-21T07:31:53.053", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:10.243", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47390", lastModified: "2024-11-21T07:31:53.183", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-05-15T10:15:10.327", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-15 10:15
Modified
2024-11-21 07:31
Severity ?
Summary
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "523FC1D5-2A13-4B4D-9EE6-7895A955F631", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "6E4DDA5F-C7CD-4ADE-AE44-B2F2C2F6B61C", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "968E3873-9D42-4516-B884-56D49BB8BE8E", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "8FD4E051-A23A-4214-A599-5EDFD40B4843", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "27B2E352-6ACE-4F3D-B462-4DE1197DAF04", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "3F20DC27-C98B-49CF-9C39-9FB483438FD4", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "80A1AAE3-1A29-4B1E-8C50-0EA87D158371", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "9C58C0EB-17CF-4ACA-B691-BBB558A77B4F", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "00007AE1-3679-4D05-96E2-F0F45E73B2B1", versionEndExcluding: "3.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*", matchCriteriaId: "44E6A757-BB46-467E-B0DD-916672995584", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "C74B30D2-2653-4D2A-BEEC-0AB1843097AB", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A9CF7388-0541-4CEA-B83B-127466DA6635", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "0D2297BF-E19B-4FA6-841F-0D5915D345CC", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*", matchCriteriaId: "BBAA2041-8C65-4CC5-AC77-45DE2DEA458F", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A2F76A22-9A91-4683-8F85-322E2AA00E28", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*", matchCriteriaId: "B37C6669-08B9-4588-B871-3203E8ABFCE9", versionEndExcluding: "4.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "B4E932B1-1475-40A0-AF58-D4F643A6A850", versionEndExcluding: "4.8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], id: "CVE-2022-47379", lastModified: "2024-11-21T07:31:51.783", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-05-15T10:15:09.530", references: [ { source: "info@cert.vde.com", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }
cve-2022-47386
Vulnerability from cvelistv5
Published
2023-05-15 09:49
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.972Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47386", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:28.058624Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:14.509Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:49:04.949Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47386", datePublished: "2023-05-15T09:49:04.949Z", dateReserved: "2022-12-14T06:03:27.264Z", dateUpdated: "2025-03-05T19:00:14.509Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47390
Vulnerability from cvelistv5
Published
2023-05-15 09:58
Modified
2025-03-05 18:59
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.994Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47390", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:15.103519Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T18:59:40.115Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:58:21.588Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47390", datePublished: "2023-05-15T09:58:21.588Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-03-05T18:59:40.115Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47384
Vulnerability from cvelistv5
Published
2023-05-15 09:46
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.031Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47384", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:34.304512Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:27.725Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:46:29.134Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47384", datePublished: "2023-05-15T09:46:29.134Z", dateReserved: "2022-12-14T06:03:27.264Z", dateUpdated: "2025-03-05T19:00:27.725Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47392
Vulnerability from cvelistv5
Published
2023-05-15 10:01
Modified
2025-03-05 18:59
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.701Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47392", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:06.722632Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T18:59:32.783Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.", }, ], value: "An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T10:01:09.224Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to Improper Input Validation", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47392", datePublished: "2023-05-15T10:01:09.224Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-03-05T18:59:32.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47385
Vulnerability from cvelistv5
Published
2023-05-15 09:47
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.825Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47385", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:31.034306Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:21.424Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:47:18.175Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47385", datePublished: "2023-05-15T09:47:18.175Z", dateReserved: "2022-12-14T06:03:27.264Z", dateUpdated: "2025-03-05T19:00:21.424Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47382
Vulnerability from cvelistv5
Published
2023-05-15 09:42
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.019Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47382", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:40.954048Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:42.862Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:42:48.212Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47382", datePublished: "2023-05-15T09:42:48.212Z", dateReserved: "2022-12-14T06:03:27.263Z", dateUpdated: "2025-03-05T19:00:42.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47383
Vulnerability from cvelistv5
Published
2023-05-15 09:44
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47383", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:37.721047Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:34.790Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:44:53.440Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47383", datePublished: "2023-05-15T09:44:53.440Z", dateReserved: "2022-12-14T06:03:27.264Z", dateUpdated: "2025-03-05T19:00:34.790Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47379
Vulnerability from cvelistv5
Published
2023-05-15 09:33
Modified
2025-03-05 19:01
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.032Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47379", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:54.742167Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:01:07.355Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:33:41.697Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47379", datePublished: "2023-05-15T09:33:41.697Z", dateReserved: "2022-12-14T06:03:27.263Z", dateUpdated: "2025-03-05T19:01:07.355Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47378
Vulnerability from cvelistv5
Published
2023-05-15 09:30
Modified
2025-03-05 19:01
Severity ?
EPSS score ?
Summary
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47378", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:10.260425Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:01:14.095Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Ramin Nafisi, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.", }, ], value: "Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:30:22.173Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to Improper Input Validation", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47378", datePublished: "2023-05-15T09:30:22.173Z", dateReserved: "2022-12-14T06:03:27.263Z", dateUpdated: "2025-03-05T19:01:14.095Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47380
Vulnerability from cvelistv5
Published
2023-05-15 09:40
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.019Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47380", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:50.342923Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:59.205Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:40:44.538Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47380", datePublished: "2023-05-15T09:40:44.538Z", dateReserved: "2022-12-14T06:03:27.263Z", dateUpdated: "2025-03-05T19:00:59.205Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47381
Vulnerability from cvelistv5
Published
2023-05-15 09:41
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:06.946Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47381", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:45.557305Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:50.181Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:41:51.613Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47381", datePublished: "2023-05-15T09:41:51.613Z", dateReserved: "2022-12-14T06:03:27.263Z", dateUpdated: "2025-03-05T19:00:50.181Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47387
Vulnerability from cvelistv5
Published
2023-05-15 09:54
Modified
2025-03-05 19:00
Severity ?
EPSS score ?
Summary
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.968Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47387", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:24.928624Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T19:00:07.443Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:54:41.625Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47387", datePublished: "2023-05-15T09:54:41.625Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-03-05T19:00:07.443Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47388
Vulnerability from cvelistv5
Published
2023-05-15 09:56
Modified
2025-03-05 18:59
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.136Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47388", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:20.872432Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T18:59:57.472Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:56:43.518Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47388", datePublished: "2023-05-15T09:56:43.518Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-03-05T18:59:57.472Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47393
Vulnerability from cvelistv5
Published
2023-05-15 10:03
Modified
2025-03-05 18:59
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.190Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47393", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:02.605164Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T18:59:25.695Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.", }, ], value: "An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T10:03:58.680Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to improperly restricted memory operations", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47393", datePublished: "2023-05-15T10:03:58.680Z", dateReserved: "2022-12-14T06:03:27.266Z", dateUpdated: "2025-03-05T18:59:25.695Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47389
Vulnerability from cvelistv5
Published
2023-05-15 09:57
Modified
2025-03-05 18:59
Severity ?
EPSS score ?
Summary
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V0.0.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:08.296Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47389", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-05T18:37:17.996509Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-05T18:59:49.436Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], value: "An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:57:37.177Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to stack based out-of-bounds write", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47389", datePublished: "2023-05-15T09:57:37.177Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-03-05T18:59:49.436Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }