Codesys Control Runtime System Toolkit vulnerabilities

CVE-2022-47382 [HIGH] CWE-787 CVE-2022-47382: An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpT An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47385 [HIGH] CWE-787 CVE-2022-47385: An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the Cmp An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47390 [HIGH] CWE-787 CVE-2022-47390: An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the Cmp An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47380 [HIGH] CWE-787 CVE-2022-47380: An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multipl An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47389 [HIGH] CWE-787 CVE-2022-47389: An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the Cmp An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47387 [HIGH] CWE-787 CVE-2022-47387: An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpT An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47379 [HIGH] CWE-787 CVE-2022-47379: An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS pr An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47388 [HIGH] CWE-787 CVE-2022-47388: An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the Cmp An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47391 [HIGH] CWE-20 CVE-2022-47391: In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a imprope In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

CVE-2022-47393 [MEDIUM] CWE-119 CVE-2022-47393: An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.

CVE-2022-47378 [MEDIUM] CWE-20 CVE-2022-47378: Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerabilit Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.

CVE-2022-47392 [MEDIUM] CWE-20 CVE-2022-47392: An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/Cm An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.

CVE-2022-30792 [HIGH] CWE-400 CVE-2022-30792: In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

CVE-2022-30791 [HIGH] CWE-400 CVE-2022-30791: In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an u In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.

CVE-2022-22519 [HIGH] CWE-126 CVE-2022-22519: A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buff A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.

CVE-2022-22515 [HIGH] CWE-668 CVE-2022-22515: A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime sy A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

CVE-2022-22514 [HIGH] CWE-822 CVE-2022-22514: An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.

CVE-2022-22517 [HIGH] CWE-334 CVE-2022-22517: An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS prod An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.

CVE-2022-22513 [MEDIUM] CWE-476 CVE-2022-22513: An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component o An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.

CVE-2022-22518 [MEDIUM] CWE-276 CVE-2022-22518: A bug in CmpUserMgr component can lead to only partially applied security policies. This can result A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.