EUVD-2022-50146

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Authenticated remote attacker can exploit out-of-bounds write vulnerability in CODESYS products.

Reporter	Title	Published	Views	Family All 16
BDU FSTEC	The vulnerability of the CMPapp component in the Codesys industrial automation software suite allows a hacker to trigger a service failure or execute arbitrary code.	16 Aug 202300:00	–	bdu_fstec
Circl	CVE-2022-47379	15 May 202314:29	–	circl
CNNVD	3s-smart Software Solutions CODESYS 缓冲区错误漏洞	15 May 202300:00	–	cnnvd
CVE	CVE-2022-47379	15 May 202309:33	–	cve
Cvelist	CVE-2022-47379 CODESYS: Multiple products prone to out-of-bounds write	15 May 202309:33	–	cvelist
ICS	Rockwell Automation LP30/40/50 and BM40 Operator Interface	30 Jan 202407:00	–	ics
Microsoft Malware Protection	Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS	11 Aug 202300:00	–	mmpc
Microsoft Secure	Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS	11 Aug 202300:00	–	mssecure
NVD	CVE-2022-47379	15 May 202310:15	–	nvd
OSV	CVE-2022-47379	15 May 202310:15	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "d77252e1-b2d0-3bc6-8974-975aef9218f3",
        "vendor": {
          "name": "CODESYS"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "014c6e83-3f09-3481-bd1e-6df533ee26db",
        "product": {
          "name": "CODESYS Safety SIL2 PSP"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "0d24dc96-604f-3502-a3aa-6c3fd4991e30",
        "product": {
          "name": "CODESYS Control for WAGO Touch Panels 600 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "1bc81d2f-1910-3dc9-8b27-19da7b725bc7",
        "product": {
          "name": "CODESYS Control for IOT2000 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "4186fd34-50da-3c0b-a02f-d8c126cf1b3d",
        "product": {
          "name": "CODESYS Safety SIL2 Runtime Toolkit"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "420a0899-6d40-363f-88a6-602e56876b19",
        "product": {
          "name": "CODESYS HMI (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "6154b3df-4a76-3211-b3b1-7207a10ff4da",
        "product": {
          "name": "CODESYS Control Win (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "66a0847a-ed6c-3236-8381-5ba3c86f57b8",
        "product": {
          "name": "CODESYS Control for PFC200 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "6ee7e88c-7c53-302b-a86c-657e54a41741",
        "product": {
          "name": "CODESYS Control RTE (for Beckhoff CX) SL"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "73c4e2c5-995a-371e-9812-f5097a6d66f0",
        "product": {
          "name": "CODESYS Control for PLCnext SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "7e990fba-e19a-3e4f-a0fc-74a8d36543b2",
        "product": {
          "name": "CODESYS Control Runtime System Toolkit"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "8cc9bbbb-9d5f-370e-816e-72daf2961d35",
        "product": {
          "name": "CODESYS Control RTE (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "97c3db57-1d9c-380a-9f3c-f0a83113cb87",
        "product": {
          "name": "CODESYS Control for emPC-A/iMX6 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "9fb613d2-2cca-3d5d-928b-fc9bc37abdb8",
        "product": {
          "name": "CODESYS Control for PFC100 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "b472a337-1cb7-30e4-a1fc-5e525a7e3926",
        "product": {
          "name": "CODESYS Development System V3"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "bef286a3-c07c-310b-943a-9d3d2d8e8f04",
        "product": {
          "name": "CODESYS Control for Linux SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "c366308f-8a12-3c15-ba5b-4c4d2982a4ea",
        "product": {
          "name": "CODESYS Control for Raspberry Pi SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "ddda549f-ccdb-3f8c-b835-fb3f0f307d81",
        "product": {
          "name": "CODESYS Control for BeagleBone SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      }
    ]
  }
]

Source	Link
customers	www.customers.codesys.com/index.php

03 Oct 2025 20:07Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.8

EPSS0.0199

SSVC