In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
References
Configurations
Configuration 1 (hide)
|
History
09 Aug 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. |
06 Jul 2023, 14:37
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-1188 |
30 Mar 2023, 19:37
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_sl_\(for_beckhoff_cx\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:* |
|
First Time |
Codesys hmi Sl
Codesys Codesys control For Plcnext Sl Codesys control Win Sl Codesys control For Beaglebone Sl Codesys control For Pfc200 Sl Codesys control Rte Sl \(for Beckhoff Cx\) Codesys development System Codesys control For Linux Sl Codesys control For Empc-a\/imx6 Sl Codesys control For Pfc100 Sl Codesys control For Wago Touch Panels 600 Sl Codesys runtime Toolkit Codesys control For Raspberry Pi Sl Codesys control Rte Sl Codesys safety Sil2 Codesys control For Iot2000 Sl |
|
References | (MISC) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17553&token=cf49757d232ea8021f0c0dd6c65e71ea5942b12d&download= - Vendor Advisory |
23 Mar 2023, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-23 12:15
Updated : 2024-02-01 15:11
NVD link : CVE-2022-4224
Mitre link : CVE-2022-4224
CVE.ORG link : CVE-2022-4224
JSON object : View
Products Affected
codesys
- control_for_iot2000_sl
- control_for_wago_touch_panels_600_sl
- runtime_toolkit
- development_system
- control_for_pfc200_sl
- control_for_beaglebone_sl
- control_win_sl
- control_rte_sl_\(for_beckhoff_cx\)
- hmi_sl
- control_rte_sl
- control_for_empc-a\/imx6_sl
- control_for_raspberry_pi_sl
- control_for_plcnext_sl
- control_for_pfc100_sl
- safety_sil2
- control_for_linux_sl
CWE
CWE-1188
Insecure Default Initialization of Resource