CVE-2022-4046

🗓️ 03 Aug 2023 12:39:44Reported by CERTVDEType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 43 Views

CODESYS Control allows remote attacker to gain full access (CVE-2022-4046

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-4046	3 Aug 202313:15	–	attackerkb
BDU FSTEC	The software system of Schneider Electric’s industrial automation solutions, Codesys, has vulnerabilities. These vulnerabilities allow attackers to cause a loss of control and trigger malfunctions during maintenance operations.	13 Jun 202300:00	–	bdu_fstec
Circl	CVE-2022-4046	3 Aug 202316:40	–	circl
CNNVD	CODESYS Control Buffer Error Vulnerability	3 Aug 202300:00	–	cnnvd
Cvelist	CVE-2022-4046 CODESYS: Improper memory restrictions fro CODESYS Control	3 Aug 202312:39	–	cvelist
EUVD	EUVD-2022-51423	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Schneider Electric Modicon components	12 Apr 202300:00	–	ncsc
NVD	CVE-2022-4046	3 Aug 202313:15	–	nvd
Prion	Out-of-bounds	3 Aug 202313:15	–	prion
Positive Technologies	PT-2023-3074 · 3S Smart Software Solutions · Codesys Control	11 Apr 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for BeagleBone SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for emPC-A/iMX6 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for IOT2000 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for Linux SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for PFC100 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for PFC200 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for PLCnext SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for Raspberry Pi SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control for WAGO Touch Panels 600 SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control RTE (for Beckhoff CX) SL",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control RTE (SL)",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control Runtime System Toolkit",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS Control Win (SL)",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "CODESYS HMI (SL)",
    "vendor": "CODESYS",
    "versions": [
      {
        "status": "affected",
        "version": "all"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en/advisories/VDE-2023-025/

17 Jun 2026 05:19Current

9High risk

Vulners AI Score9

CVSS 3.18.8

EPSS0.00655

SSVC

CWE-119