Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/02/06 12:4 a.m.11 views

CVE-2022-47379

An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution...

8.8CVSS7.4AI score0.0199EPSS
Exploits0
ics
ics
added 2024/01/30 7:0 a.m.77 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : LP30, LP40, LP50, and BM40 Operator Panels Vulnerability : Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow,...

8.8CVSS8.5AI score0.0199EPSS
Exploits0References8
nessus
nessus
added 2023/09/18 12:0 a.m.28 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Out-of-Bounds Write (CVE-2022-47379)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

8.8CVSS7.6AI score0.0199EPSS
Exploits0References4
thn
thn
added 2023/08/11 5:20 a.m.66 views

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

A set of 16 high-severity security flaws have been disclosed in the CODESYS V3 software development kit SDK that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology OT environments. The flaws, tracked from CVE-2022-47378...

8.8CVSS8.8AI score0.0199EPSS
Exploits0
mssecure
mssecure
added 2023/08/11 12:0 a.m.45 views

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS

Microsoft’s cyberphysical system researchers recently identified multiple high-severity vulnerabilities in the CODESYS V3 software development kit SDK, a software development environment widely used to program and engineer programmable logic controllers PLCs. Exploitation of the discovered...

6.5CVSS9.1AI score0.0199EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/05/15 9:33 a.m.11 views

CVE-2022-47379 CODESYS: Multiple products prone to out-of-bounds write

An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution...

8.8CVSS8.1AI score0.0199EPSS
Exploits0References1
cve
cve
added 2023/05/15 9:33 a.m.66 views

CVE-2022-47379

CVE-2022-47379 is a stack-based/out-of-bounds write vulnerability in the CMPapp component across multiple CODESYS V3 products. After authentication, crafted requests can write data to memory, potentially causing denial-of-service, memory overwriting, or remote code execution. Public sources note ...

8.8CVSS9AI score0.0199EPSS
Exploits0References1Affected Software17
Rows per page
Query Builder