EUVD-2022-53194

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple CODESYS components transmit client-server passwords unprotected in various versions.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2022-31805	23 Jun 202210:00	–	attackerkb
Circl	CVE-2022-31805	29 Jun 202202:51	–	circl
CNNVD	CODESYS Development System 安全漏洞	24 Jun 202200:00	–	cnnvd
CVE	CVE-2022-31805	24 Jun 202207:46	–	cve
Cvelist	CVE-2022-31805 Insecure transmission of credentials	24 Jun 202207:46	–	cvelist
NVD	CVE-2022-31805	24 Jun 202208:15	–	nvd
Prion	Code injection	24 Jun 202208:15	–	prion
Positive Technologies	PT-2022-20945 · 3S Smart Software Solutions · Codesys Development System	24 Jun 202200:00	–	ptsecurity
The Hacker News	Critical Security Flaws Identified in CODESYS ICS Automation Software	27 Jun 202210:35	–	thn

[
  {
    "enisaIdVendor": [
      {
        "id": "e5797902-a923-36af-ad55-905914265229",
        "vendor": {
          "name": "CODESYS"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "22a308e8-b84a-3922-8201-d6a440d131bb",
        "product": {
          "name": "CODESYS SP Realtime NT"
        },
        "product_version": "V2 <V2.3.7.30"
      },
      {
        "id": "4c2181ee-588f-319e-a117-84514e481aad",
        "product": {
          "name": "CODESYS Edge Gateway for Windows"
        },
        "product_version": "V3 <V3.5.18.30"
      },
      {
        "id": "75d375b2-9d43-372d-9bcb-555a6156871b",
        "product": {
          "name": "CODESYS OPC DA Server SL"
        },
        "product_version": "V3 <V3.5.18.30"
      },
      {
        "id": "7e25d07c-8c28-32a2-b0eb-66229a6ba1ed",
        "product": {
          "name": "CODESYS Gateway Client"
        },
        "product_version": "V2 <V2.3.9.38"
      },
      {
        "id": "7ea2a6ce-e722-3210-9e5b-b6d77f95a3e7",
        "product": {
          "name": "CODESYS Development System"
        },
        "product_version": "V3 <V3.5.18.30"
      },
      {
        "id": "811ace76-e305-36b0-a6b8-e07c1ad52ee2",
        "product": {
          "name": "CODESYS Gateway Server"
        },
        "product_version": "V2 <V2.3.9.38"
      },
      {
        "id": "8fce9af7-db82-34ed-8b60-80f7c6bcafa1",
        "product": {
          "name": "CODESYS HMI (SL)"
        },
        "product_version": "V3 <V3.5.18.30"
      },
      {
        "id": "9ff2c4bd-65b4-33d9-b007-0b379f659b79",
        "product": {
          "name": "CODESYS Development System"
        },
        "product_version": "V2 <V2.3.9.69"
      },
      {
        "id": "b0d76d97-a03d-3410-82b4-f6001d76a92a",
        "product": {
          "name": "CODESYS Runtime Toolkit 32 bit full"
        },
        "product_version": "V2 <V2.4.7.57"
      },
      {
        "id": "cbbe8dd7-bb1d-3f71-813b-121fffd30b1a",
        "product": {
          "name": "CODESYS Web server"
        },
        "product_version": "V1 <V1.1.9.23"
      },
      {
        "id": "f7977dee-c7d3-3749-952d-6617c379dadb",
        "product": {
          "name": "CODESYS PLCWinNT"
        },
        "product_version": "V2 <V2.4.7.57"
      },
      {
        "id": "f8233fdf-5219-365a-9a8d-7383723f1bb0",
        "product": {
          "name": "CODESYS PLCHandler"
        },
        "product_version": "V3 <V3.5.18.30"
      },
      {
        "id": "ff788d11-89fe-3d58-9139-b9d3d21d5e08",
        "product": {
          "name": "CODESYS Gateway"
        },
        "product_version": "V3 <V3.5.18.30"
      }
    ]
  }
]

Source	Link
customers	www.customers.codesys.com/index.php

03 Oct 2025 20:07Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5

CVSS 24.3

EPSS0.00951

codesys security vulnerability