EUVD-2022-50156

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Authenticated remote attacker can exploit stack vulnerability in CODESYS components for various attacks

Reporter	Title	Published	Views	Family All 15
BDU FSTEC	The vulnerability of the CmpTraceMgr component in CODESYS and Schneider Electric software products allows a hacker to trigger a service failure or execute arbitrary code.	8 Aug 202300:00	–	bdu_fstec
Circl	CVE-2022-47389	17 Mar 202612:00	–	circl
CNNVD	3s-smart Software Solutions CODESYS 缓冲区错误漏洞	15 May 202300:00	–	cnnvd
CVE	CVE-2022-47389	15 May 202309:57	–	cve
Cvelist	CVE-2022-47389 CODESYS: Multiple products prone to stack based out-of-bounds write	15 May 202309:57	–	cvelist
ICS	Rockwell Automation LP30/40/50 and BM40 Operator Interface	30 Jan 202407:00	–	ics
Microsoft Malware Protection	Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS	11 Aug 202300:00	–	mmpc
Microsoft Secure	Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS	11 Aug 202300:00	–	mssecure
NVD	CVE-2022-47389	15 May 202310:15	–	nvd
OSV	CVE-2022-47389	15 May 202310:15	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "5713be54-5548-35ef-928b-3e4edf198305",
        "vendor": {
          "name": "CODESYS"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "03aff963-2206-39d3-bdb2-7b6faba39ead",
        "product": {
          "name": "CODESYS Control RTE (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "13ffdedc-e647-3292-a0d5-3d3f374765a8",
        "product": {
          "name": "CODESYS HMI (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "1fe9781a-c024-320d-834e-ee92bb918da4",
        "product": {
          "name": "CODESYS Development System V3"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "206a77bf-ff80-3a44-b610-8080b811b79c",
        "product": {
          "name": "CODESYS Control Win (SL)"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "3cae514c-0373-3f64-859f-4a29d5e41beb",
        "product": {
          "name": "CODESYS Control for WAGO Touch Panels 600 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "442227de-c25b-34a4-91a8-da23c735b0fd",
        "product": {
          "name": "CODESYS Safety SIL2 Runtime Toolkit"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "543091f5-5bbe-3185-a869-819f6688204f",
        "product": {
          "name": "CODESYS Control RTE (for Beckhoff CX) SL"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "69fe7302-aefd-3263-92c1-ccb443d2945b",
        "product": {
          "name": "CODESYS Control for emPC-A/iMX6 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "7cccce31-2726-3124-94e3-5d38250b7897",
        "product": {
          "name": "CODESYS Control for PFC100 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "902891a9-9039-373a-9d1e-e095b9e53fd7",
        "product": {
          "name": "CODESYS Control for PLCnext SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "b06c532c-9eb6-303c-b438-f9fc9c087584",
        "product": {
          "name": "CODESYS Control for BeagleBone SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "b6dd4947-33ff-359b-a761-e18548b256d6",
        "product": {
          "name": "CODESYS Control for Linux SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "ba99c51f-be36-3fb5-8e16-d784522c7f57",
        "product": {
          "name": "CODESYS Safety SIL2 PSP"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      },
      {
        "id": "bd12e3a7-10ee-35ad-b87f-0559c501d68c",
        "product": {
          "name": "CODESYS Control for IOT2000 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "cbf16390-e051-38d9-b5af-1f0b6ff097d1",
        "product": {
          "name": "CODESYS Control for Raspberry Pi SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "efc9dfe7-4b7a-3c0a-a57f-e651b5ae25ba",
        "product": {
          "name": "CODESYS Control for PFC200 SL"
        },
        "product_version": "V0.0.0.0 <V4.8.0.0"
      },
      {
        "id": "faf81b0b-8d6b-3def-a7fd-197cd4b190fa",
        "product": {
          "name": "CODESYS Control Runtime System Toolkit"
        },
        "product_version": "V0.0.0.0 <V3.5.19.0"
      }
    ]
  }
]

Source	Link
customers	www.customers.codesys.com/index.php

03 Oct 2025 20:07Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.8

EPSS0.01333