Codesys

Development System V3

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-5751

  • EPSS 0.07%
  • Veröffentlicht 04.06.2024 09:15:09
  • Zuletzt bearbeitet 21.11.2024 08:42:24

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere. 

6.5

CVE-2022-47393

  • EPSS 0.44%
  • Veröffentlicht 15.05.2023 11:15:08
  • Zuletzt bearbeitet 17.07.2025 13:11:12

An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.

6.5

CVE-2022-47392

  • EPSS 0.27%
  • Veröffentlicht 15.05.2023 11:15:08
  • Zuletzt bearbeitet 17.07.2025 13:10:35

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service ...

7.7

CVE-2022-4048

  • EPSS 0.03%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:30

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.

7.5

CVE-2022-47391

  • EPSS 0.47%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 17.07.2025 13:10:20

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

8.8

CVE-2022-47390

  • EPSS 3.72%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 17.07.2025 13:10:11

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, mem...

8.8

CVE-2022-47389

  • EPSS 1.95%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 17.07.2025 13:09:56

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, mem...

8.8

CVE-2022-47388

  • EPSS 3.72%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 17.07.2025 13:09:43

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, mem...

8.8

CVE-2022-47387

  • EPSS 3.72%
  • Veröffentlicht 15.05.2023 10:15:10
  • Zuletzt bearbeitet 17.07.2025 13:05:21

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memo...

8.8

CVE-2022-47386

  • EPSS 3.72%
  • Veröffentlicht 15.05.2023 10:15:09
  • Zuletzt bearbeitet 17.07.2025 13:02:11

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, mem...