Lucene search
K

138 matches found

CNNVD
CNNVD
added 2023/08/03 12:0 a.m.5 views

CODESYS Control Buffer Error Vulnerability

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3s-smart Software Solutions, Germany. CODESYS Control suffers from a buffer error vulnerability that arises from improper restriction of memory buffer ranges, allowing a remote attacker...

8.8CVSS7.2AI score0.00655EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.6 views

PT-2023-3074 · 3S Smart Software Solutions · Codesys Control

Name of the Vulnerable Software and Affected Versions: CODESYS Control versions affected versions not specified Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which can be exploited by a remote attacker with user privileges to gain...

9CVSS7AI score0.00655EPSS
Exploits0References6
OSV
OSV
added 2022/12/26 7:15 p.m.4 views

CVE-2020-12069

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device...

7.8CVSS5.8AI score0.00164EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.10 views

PT-2022-8324 · 3S Smart Software Solutions +1 · Codesys V3 +1

Name of the Vulnerable Software and Affected Versions: CODESYS V3 products versions prior to 3.5.16.0 Pilz PMC programming tool versions 3.x prior to 3.5.17 Description: The issue is related to a weak hashing algorithm used for storing online communication passwords in the CODESYS Control runtime...

7.8CVSS7.3AI score0.00164EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2022/06/01 10:0 a.m.6 views

CVE-2022-22515

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

8.1CVSS7.4AI score0.01066EPSS
Exploits0References2Affected Software18
OSV
OSV
added 2022/04/07 7:15 p.m.3 views

CVE-2022-22519

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system...

7.5CVSS7.4AI score0.01404EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.18 views

CVE-2022-22519

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system...

7.5CVSS0.01404EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.20 views

CVE-2022-22516

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space...

7.8CVSS0.00253EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.20 views

CVE-2022-22515

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

8.1CVSS0.01066EPSS
Exploits0References1
OSV
OSV
added 2022/04/07 7:15 p.m.2 views

CVE-2022-22515

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

8.1CVSS7.3AI score0.01066EPSS
Exploits0References1
OSV
OSV
added 2022/04/07 7:15 p.m.3 views

CVE-2022-22516

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space...

7.8CVSS7.1AI score0.00253EPSS
Exploits0References1
Prion
Prion
added 2022/04/07 7:15 p.m.15 views

Design/Logic Flaw

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space...

7.2CVSS7.4AI score0.00253EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2022/04/07 7:15 p.m.23 views

Design/Logic Flaw

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

4.9CVSS7.8AI score0.01066EPSS
Exploits0References1Affected Software18
CVE
CVE
added 2022/04/07 6:21 p.m.138 views

CVE-2022-22519

The CVE-2022-22519 entry describes a remote, unauthenticated attacker able to send crafted HTTP/HTTPS requests that trigger a buffer over-read, crashing the CODESYS Control runtime system webserver. This affects the CODESYS Control runtime/webserver and related components; CVSSv3.1 base score 7.5...

7.5CVSS7.8AI score0.01404EPSS
Exploits0References1Affected Software18
Cvelist
Cvelist
added 2022/04/07 6:21 p.m.29 views

CVE-2022-22519 Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system.

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system...

7.5CVSS7.9AI score0.01404EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/07 6:21 p.m.18 views

CVE-2022-22515 A component of the CODESYS Control runtime system allows read and write access to configuration files

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration files of the affected products...

8.1CVSS8.1AI score0.01066EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/04/07 12:0 a.m.4 views

PT-2022-15484 · 3S Smart Software Solutions · Codesys Control Runtime System

Name of the Vulnerable Software and Affected Versions: CODESYS Control runtime system affected versions not specified Description: A remote attacker could utilize the control program of the CODESYS Control runtime system to read and modify the configuration files of the affected products. The...

8.1CVSS7.8AI score0.01066EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.4 views

3S-Smart Software Solutions CODESYS Control 安全漏洞

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control that allows any system user to read and...

7.8CVSS7.4AI score0.00253EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.5 views

3s-smart Software Solutions CODESYS Control 安全漏洞

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control, which can be exploited by an unauthenticated, remote attacker who ca...

8.1CVSS8.4AI score0.01066EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/04/07 12:0 a.m.6 views

PT-2022-15485 · 3S Smart Software Solutions · Codesys Control Runtime System

Name of the Vulnerable Software and Affected Versions: CODESYS Control runtime system affected versions not specified Description: The issue allows any system user to read and write within restricted memory space due to a problem in the SysDrv3S driver. Recommendations: At the moment, there is no...

7.8CVSS7.4AI score0.00253EPSS
Exploits0References5
Rows per page
Query Builder