What is CVE-2022-22515?

CVE-2022-22515 is a high-severity vulnerability in Codesys Control For Beaglebone Sl, classified under Exposure of Resource to Wrong Sphere. CVSS score: 8.1/10. Published 2022-04-07.

How severe is CVE-2022-22515?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Codesys Control For Beaglebone Sl

CVE-2022-22515

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

EPSS: 0.002 (37.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Codesys Control For Beaglebone Sl — versions V4
Codesys Control For Beckhoff Cx9020 Sl — versions V4
Codesys Control For Empc-a/imx6 Sl — versions V4
Codesys Control For Iot2000 Sl — versions V4
Codesys Control For Linux Sl — versions V4
Codesys Control For Pfc100 Sl — versions V4
Codesys Control For Pfc200 Sl — versions V4
Codesys Control For Plcnext Sl — versions V4
Codesys Control For Raspberry Pi Sl — versions V4
Codesys Control For Wago Touch Panels 600 Sl — versions V4

Weakness classification (CWE)

CWE-668 — Exposure of Resource to Wrong Sphere

References

customers.codesys.com/index.php (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-22515?: CVE-2022-22515 is a high-severity vulnerability in Codesys Control For Beaglebone Sl, classified under Exposure of Resource to Wrong Sphere. CVSS score: 8.1/10. Published 2022-04-07.
How severe is CVE-2022-22515?: High severity. CVSS v3 base score is 8.1 out of 10.