Vulnerabilities > Codesys > Control FOR Iot2000 SL

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2022-4046 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codesys products
In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.
network
low complexity
codesys CWE-119
8.8
2023-08-03 CVE-2023-37546 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37547 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37548 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37549 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37550 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37551 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37552 Unspecified vulnerability in Codesys products
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37553 Unspecified vulnerability in Codesys products
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37554 Unspecified vulnerability in Codesys products
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5