HIGH🇬🇧 English

CVE-2022-4046

CVSS 8.8v3.1pub. 2023-08-03upd. 2024-11-21

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Codesys Control For Beaglebone Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Empc A\/imx6 Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Iot2000 Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Linux Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Pfc100 Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Pfc200 Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Plcnext Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Raspberry Pi Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control For Wago Touch Panels 600 Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control Rte Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Control Rte Sl \(for Beckhoff Cx\)

    APP
    Codesys
    wszystkie wersje
  • Codesys Control Runtime System Toolkit

    APP
    Codesys
    wszystkie wersje
  • Codesys Control Win Sl

    APP
    Codesys
    wszystkie wersje
  • Codesys Hmi Sl

    APP
    Codesys
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-33485CRITICAL9.8ten sam produkt

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

CVE-2020-10245CRITICAL9.8ten sam produkt

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

CVE-2019-18858CRITICAL9.8ten sam produkt

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overf...

CVE-2019-13548CRITICAL9.8ten sam produkt

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or h...

CVE-2019-9010CRITICAL9.8ten sam produkt

An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the own...