EUVD-2023-41435

Malicious code in bioql PyPI...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47380)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Out-of-Bounds Write (CVE-2022-47379)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPapp component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPapp component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the CMPapp component in the Codesys industrial automation software suite allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the CMPapp component in the Codesys industrial automation software suite relates to the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to trigger malfunctions in service operations or execute arbitrary...

CVE-2023-37551

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...

CVE-2023-37549

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2023-37551

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...

CVE-2023-37548

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

Design/Logic Flaw

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...

CVE-2023-37545

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2023-37548 CODESYS: Improper Input Validation in CmpApp component

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2023-37546 CODESYS: Improper Input Validation in CmpApp component

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2023-37545 CODESYS: Improper Input Validation in CmpApp component

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

CVE-2023-37545 CODESYS: Improper Input Validation in CmpApp component

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3s-smart Software Solutions GmbH 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact...

PT-2023-5018 · 3S Smart Software Solutions · Codesys Cmpapp

Name of the Vulnerable Software and Affected Versions: CODESYS CMPapp affected versions not specified Description: The issue is related to insufficient input validation in the CMPapp component of CODESYS software products. This can be exploited by a remote attacker to cause a denial of service...

PT-2023-5017 · 3S Smart Software Solutions · Codesys Cmpapp

Name of the Vulnerable Software and Affected Versions: CODESYS CMPapp affected versions not specified Description: The issue is related to insufficient input validation in the CMPapp component of CODESYS software products. This can be exploited by a remote attacker to cause a denial of service...

PT-2023-5015 · 3S Smart Software Solutions · Codesys Cmpapp

Name of the Vulnerable Software and Affected Versions: CODESYS CMPapp affected versions not specified Description: The issue is related to insufficient input validation in the CMPapp component of CODESYS software products. This can be exploited by a remote attacker to cause a denial of service...