Control For Raspberry Pi Sl
by Codesys
CVEs (45)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-22518 | 0.00 | — | 0.01 | Apr 7, 2022 | A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy. | |||
| CVE-2022-22517 | 0.00 | — | 0.01 | Apr 7, 2022 | An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed. | |||
| CVE-2022-22515 | 0.00 | — | 0.01 | Apr 7, 2022 | A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products. | |||
| CVE-2022-22514 | 0.00 | — | 0.01 | Apr 7, 2022 | An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be… | |||
| CVE-2022-22513 | 0.00 | — | 0.01 | Apr 7, 2022 | An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. |
- CVE-2022-22518Apr 7, 2022risk 0.00cvss —epss 0.01
A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.
- CVE-2022-22517Apr 7, 2022risk 0.00cvss —epss 0.01
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.
- CVE-2022-22515Apr 7, 2022risk 0.00cvss —epss 0.01
A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.
- CVE-2022-22514Apr 7, 2022risk 0.00cvss —epss 0.01
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be…
- CVE-2022-22513Apr 7, 2022risk 0.00cvss —epss 0.01
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.
Page 3 of 3