CVE-2022-47379
published 2023-05-15CVE-2022-47379: An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | codesys_control_for_beaglebone_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_empc-a_imx6_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_iot2000_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_linux_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_pfc100_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_pfc200_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_plcnext_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_raspberry_pi_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_for_wago_touch_panels_600_sl | >= V0.0.0.0 < V4.8.0.0 | V4.8.0.0 |
| codesys | codesys_control_rte | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_control_rte_sl | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_control_runtime_system_toolkit | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_control_win | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_development_system_v3 | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_hmi | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_safety_sil2_psp | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | codesys_safety_sil2_runtime_toolkit | >= V0.0.0.0 < V3.5.19.0 | V3.5.19.0 |
| codesys | control_for_beaglebone_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_empc-a_imx6_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_iot2000_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_linux_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_pfc100_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_pfc200_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_plcnext_sl | < 4.8.0.0 | 4.8.0.0 |
| codesys | control_for_raspberry_pi_sl | < 4.8.0.0 | 4.8.0.0 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH