Vulnerabilities > Codesys > Control FOR Plcnext SL > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-6357 | OS Command Injection vulnerability in Codesys products A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device. | 8.8 |
2023-08-03 | CVE-2022-4046 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codesys products In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device. | 8.8 |
2023-05-15 | CVE-2022-47379 | Out-of-bounds Write vulnerability in Codesys products An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47380 | Out-of-bounds Write vulnerability in Codesys products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47381 | Out-of-bounds Write vulnerability in Codesys products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47382 | Out-of-bounds Write vulnerability in Codesys products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47383 | Out-of-bounds Write vulnerability in Codesys products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47384 | Out-of-bounds Write vulnerability in Codesys products An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47385 | Out-of-bounds Write vulnerability in Codesys products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
2023-05-15 | CVE-2022-47386 | Out-of-bounds Write vulnerability in Codesys products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |