Vulnerabilities > Codesys > Control RTE FOR Beckhoff CX SL

DATE CVE VULNERABILITY TITLE RISK
2023-05-15 CVE-2022-47392 Improper Input Validation vulnerability in Codesys products
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
network
low complexity
codesys CWE-20
6.5
2023-05-15 CVE-2022-47393 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codesys products
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
network
low complexity
codesys CWE-119
6.5
2023-05-15 CVE-2022-22508 Improper Input Validation vulnerability in Codesys products
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
network
low complexity
codesys CWE-20
4.3
2023-05-15 CVE-2022-47378 Improper Input Validation vulnerability in Codesys products
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability.
network
low complexity
codesys CWE-20
6.5
2023-05-15 CVE-2022-47379 Out-of-bounds Write vulnerability in Codesys products
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8
2023-05-15 CVE-2022-47380 Out-of-bounds Write vulnerability in Codesys products
An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8
2023-05-15 CVE-2022-47381 Out-of-bounds Write vulnerability in Codesys products
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8
2023-05-15 CVE-2022-47382 Out-of-bounds Write vulnerability in Codesys products
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8
2023-05-15 CVE-2022-47383 Out-of-bounds Write vulnerability in Codesys products
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8
2023-05-15 CVE-2022-47384 Out-of-bounds Write vulnerability in Codesys products
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
network
low complexity
codesys CWE-787
8.8