3 matches found
Rockwell Automation LP30/40/50 and BM40 Operator Interface
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : LP30, LP40, LP50, and BM40 Operator Panels Vulnerability : Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow,...
16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
A set of 16 high-severity security flaws have been disclosed in the CODESYS V3 software development kit SDK that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology OT environments. The flaws, tracked from CVE-2022-47378...
CVE-2022-47378
CVE-2022-47378 affects CODESYS V3 across multiple versions and is due to improper input validation in the communication stack. After successful authentication, specially crafted requests can cause the CmpFiletransfer component to read from an invalid address, potentially leading to a denial-of-se...