Codesys Control For Raspberry Pi Sl
Sign in to watchby Codesys
CVEs (44)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-47393 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. | ||
| CVE-2022-47392 | 0.00 | — | 0.00 | May 15, 2023 | An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | ||
| CVE-2022-47391 | 0.00 | — | 0.01 | May 15, 2023 | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | ||
| CVE-2022-47390 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47389 | 0.00 | — | 0.06 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47388 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47387 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47386 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47385 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47384 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47383 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47382 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47381 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47380 | 0.00 | — | 0.03 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47379 | 0.00 | — | 0.04 | May 15, 2023 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47378 | 0.00 | — | 0.01 | May 15, 2023 | Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. | ||
| CVE-2022-30792 | 0.00 | — | 0.00 | Jul 11, 2022 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | ||
| CVE-2022-30791 | 0.00 | — | 0.00 | Jul 11, 2022 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | ||
| CVE-2022-22519 | 0.00 | — | 0.01 | Apr 7, 2022 | A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. | ||
| CVE-2022-22518 | 0.00 | — | 0.00 | Apr 7, 2022 | A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy. |
Page 2 of 3