Codesys Codesys Development System V3
40 CVEs affecting Codesys Codesys Development System V3. Latest disclosed: 2024-06-04. Critical: 0, High: 21.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-47390 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47389 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47388 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47387 | High | 8.8 | 2023-05-15 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47386 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47385 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple… |
CVE-2022-47384 | High | 8.8 | 2023-05-15 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47383 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47382 | High | 8.8 | 2023-05-15 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple… |
CVE-2022-47381 | High | 8.8 | 2023-05-15 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into t… |
CVE-2022-47380 | High | 8.8 | 2023-05-15 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into… |
CVE-2022-47379 | High | 8.8 | 2023-05-15 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which… |
CVE-2022-22515 | High | 8.1 | 2022-04-07 | A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify t… |
CVE-2023-5751 | High | 7.8 | 2024-06-04 | A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of r… |
CVE-2022-22516 | High | 7.8 | 2022-04-07 | The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. |
CVE-2022-4048 | High | 7.7 | 2023-05-15 | Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate… |
CVE-2022-47391 | High | 7.5 | 2023-05-15 | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addre… |
CVE-2022-30792 | High | 7.5 | 2022-07-11 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel… |
CVE-2022-30791 | High | 7.5 | 2022-07-11 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing… |
CVE-2022-22517 | High | 7.5 | 2022-04-07 | An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets… |