Codesys

Control Rte Sl (for Beckhoff Cx)

27 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-4046

  • EPSS 0.76%
  • Published 03.08.2023 13:15:09
  • Last modified 21.11.2024 07:34:30

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

6.5

CVE-2023-37559

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:56

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, pot...

6.5

CVE-2023-37558

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:56

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, pot...

6.5

CVE-2023-37557

  • EPSS 0.05%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:56

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condi...

6.5

CVE-2023-37556

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:56

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

6.5

CVE-2023-37555

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:56

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

6.5

CVE-2023-37554

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

6.5

CVE-2023-37553

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

6.5

CVE-2023-37552

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

6.5

CVE-2023-37551

  • EPSS 0.06%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast ...