cbcvebase.
CVE-2022-22515
published 2022-04-07

CVE-2022-22515: A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify…

high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

Affected

35 ranges· showing 25
VendorProductVersion rangeFixed in
codesyscodesys_control_for_beaglebone_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_beckhoff_cx9020_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_empc-a_imx6_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_iot2000_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_linux_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_pfc100_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_pfc200_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_plcnext_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_raspberry_pi_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_for_wago_touch_panels_600_sl>= V4 < V4.5.0.0V4.5.0.0
codesyscodesys_control_rte>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_control_rte_sl>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_control_runtime_system_toolkit>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_control_win>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_development_system_v3>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_embedded_target_visu_toolkit>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_hmi>= V3 < V3.5.17.40V3.5.17.40
codesyscodesys_remote_target_visu_toolkit>= V3 < V3.5.17.40V3.5.17.40
codesyscontrol_for_beaglebone_sl< 4.5.0.04.5.0.0
codesyscontrol_for_beckhoff_cx9020< 4.5.0.04.5.0.0
codesyscontrol_for_empc-a_imx6_sl< 4.5.0.04.5.0.0
codesyscontrol_for_iot2000_sl< 4.5.0.04.5.0.0
codesyscontrol_for_linux_sl< 4.5.0.04.5.0.0
codesyscontrol_for_pfc100_sl< 4.5.0.04.5.0.0
codesyscontrol_for_pfc200_sl< 4.5.0.04.5.0.0