Codesys

Control Runtime System Toolkit

52 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-37550

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37549

  • EPSS 0.08%
  • Published 03.08.2023 12:15:10
  • Last modified 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37548

  • EPSS 0.08%
  • Published 03.08.2023 12:15:09
  • Last modified 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37546

  • EPSS 0.08%
  • Published 03.08.2023 12:15:09
  • Last modified 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37547

  • EPSS 0.08%
  • Published 03.08.2023 12:15:09
  • Last modified 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37545

  • EPSS 0.08%
  • Published 03.08.2023 11:15:09
  • Last modified 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2022-47393

  • EPSS 0.44%
  • Published 15.05.2023 11:15:08
  • Last modified 17.07.2025 13:11:12

An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.

6.5

CVE-2022-47392

  • EPSS 0.27%
  • Published 15.05.2023 11:15:08
  • Last modified 17.07.2025 13:10:35

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service ...

7.5

CVE-2022-47391

  • EPSS 0.47%
  • Published 15.05.2023 10:15:10
  • Last modified 17.07.2025 13:10:20

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

8.8

CVE-2022-47390

  • EPSS 3.72%
  • Published 15.05.2023 10:15:10
  • Last modified 17.07.2025 13:10:11

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, mem...