CVE-2022-47382
- EPSS 1.33%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 17.07.2025 12:50:47
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memo...
CVE-2022-47381
- EPSS 1.33%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 17.07.2025 12:46:26
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote cod...
CVE-2022-47380
- EPSS 1.33%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 17.07.2025 12:46:06
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote co...
CVE-2022-47379
- EPSS 1.99%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 17.07.2025 12:38:27
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-47378
- EPSS 0.91%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 17.07.2025 12:38:13
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
CVE-2022-22508
- EPSS 0.73%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 21.11.2024 06:46:54
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
CVE-2022-4224
- EPSS 0.88%
- Veröffentlicht 23.03.2023 12:15:12
- Zuletzt bearbeitet 21.11.2024 07:34:49
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
- EPSS 0.83%
- Veröffentlicht 11.07.2022 11:15:08
- Zuletzt bearbeitet 21.11.2024 07:03:23
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
- EPSS 0.83%
- Veröffentlicht 11.07.2022 11:15:08
- Zuletzt bearbeitet 21.11.2024 07:03:23
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
CVE-2022-22519
- EPSS 1.4%
- Veröffentlicht 07.04.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:56
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.