Codesys Codesys Control For Beckhoff Cx9020 Sl
8 CVEs affecting Codesys Codesys Control For Beckhoff Cx9020 Sl. Latest disclosed: 2022-07-11. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-22515 | High | 8.1 | 2022-04-07 | A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify t… |
CVE-2022-30792 | High | 7.5 | 2022-07-11 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel… |
CVE-2022-30791 | High | 7.5 | 2022-07-11 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing… |
CVE-2022-22519 | High | 7.5 | 2022-04-07 | A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the C… |
CVE-2022-22517 | High | 7.5 | 2022-04-07 | An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets… |
CVE-2022-22514 | High | 7.1 | 2022-04-07 | An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of… |
CVE-2022-22518 | Medium | 6.5 | 2022-04-07 | A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the appl… |
CVE-2022-22513 | Medium | 6.5 | 2022-04-07 | An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. |