Vulnerabilities > CVE-2022-22515 - Exposure of Resource to Wrong Sphere vulnerability in Codesys products

047910
CVSS 4.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

Vulnerable Configurations

Part Description Count
Application
Codesys
362

Common Weakness Enumeration (CWE)