Vulnerabilities > CVE-2022-4048 - Unspecified vulnerability in Codesys Development System V3

CVSS 7.7 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

local

low complexity

codesys

NVD

Published: 2023-05-15

Updated: 2024-11-21

Summary

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.

Vulnerable Configurations

Part	Description	Count
Application	Codesys Codesys Development System V3 *	1

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17350&token=2cee62285d3ec76d6a78dfa9b9e81e66f6136a2a&download=
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17350&token=2cee62285d3ec76d6a78dfa9b9e81e66f6136a2a&download=