) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.14.10:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-47393 |
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. Published: May 15, 2023; 7:15:08 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2022-47392 |
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. Published: May 15, 2023; 7:15:08 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2022-47391 |
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. Published: May 15, 2023; 6:15:10 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-47390 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47389 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47388 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47387 |
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47386 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47385 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47384 |
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47383 |
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47382 |
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47381 |
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47380 |
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47379 |
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-47378 |
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2022-22508 |
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. Published: May 15, 2023; 6:15:09 AM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
| CVE-2022-4224 |
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. Published: March 23, 2023; 8:15:12 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2022-30792 |
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. Published: July 11, 2022; 7:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2022-30791 |
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. Published: July 11, 2022; 7:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |