HIGH🇬🇧 English

CVE-2022-4224

CVSS 8.8v3.1pub. 2023-03-23upd. 2024-11-21

In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Codesys Control For Beaglebone Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Empc A\/imx6 Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Iot2000 Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Linux Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Pfc100 Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Pfc200 Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Plcnext Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Raspberry Pi Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control For Wago Touch Panels 600 Sl

    APP
    Codesys
    3.0 – 4.8.0.0 (bez)
  • Codesys Control Rte Sl

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Control Rte Sl \(for Beckhoff Cx\)

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Control Win Sl

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Development System

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Hmi Sl

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Runtime Toolkit

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
  • Codesys Safety Sil2

    APP
    Codesys
    3.0 – 3.5.19.0 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-31806CRITICAL9.8ten sam produkt

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enable...

CVE-2021-33485CRITICAL9.8ten sam produkt

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

CVE-2019-9010CRITICAL9.8ten sam produkt

An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the own...

CVE-2018-10612CRITICAL9.8ten sam produkt

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access managem...

CVE-2026-44468HIGH8.5ten sam produkt

The affected product creates a directory with insecure default permissions during administrative installation....