In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
References
Configurations
Configuration 1 (hide)
|
History
24 May 2023, 20:25
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_win_\(sl\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_\(sl\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:hmi_\(sl\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_\(for_beckhoff_cx\)_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:* |
|
| References | (MISC) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download= - Vendor Advisory |
15 May 2023, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-15 10:15
Updated : 2024-02-04 23:37
NVD link : CVE-2022-47391
Mitre link : CVE-2022-47391
CVE.ORG link : CVE-2022-47391
JSON object : View
Products Affected
codesys
- control_rte_\(for_beckhoff_cx\)_sl
- control_for_raspberry_pi_sl
- control_rte_\(sl\)
- control_for_pfc100_sl
- control_runtime_system_toolkit
- control_win_\(sl\)
- control_for_iot2000_sl
- control_for_pfc200_sl
- control_for_wago_touch_panels_600_sl
- hmi_\(sl\)
- control_for_empc-a\/imx6_sl
- control_for_linux_sl
- control_for_beaglebone_sl
- control_for_plcnext_sl
CWE
CWE-20
Improper Input Validation