An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:31
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= - Vendor Advisory |
22 May 2023, 19:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= - Vendor Advisory | |
| CPE | cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_win_\(sl\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_\(for_beckhoff_cx\)_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:hmi_\(sl\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_\(sl\):*:*:*:*:*:*:*:* |
|
| First Time |
Codesys control For Beaglebone Sl
Codesys Codesys safety Sil2 Runtime Toolkit Codesys control For Empc-a\/imx6 Sl Codesys safety Sil2 Psp Codesys control For Wago Touch Panels 600 Sl Codesys hmi \(sl\) Codesys control For Plcnext Sl Codesys control For Pfc100 Sl Codesys control For Raspberry Pi Sl Codesys control Rte \(sl\) Codesys control Win \(sl\) Codesys control For Linux Sl Codesys control For Iot2000 Sl Codesys control Runtime System Toolkit Codesys control For Pfc200 Sl Codesys development System V3 Codesys control Rte \(for Beckhoff Cx\) Sl |
15 May 2023, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-15 10:15
Updated : 2024-11-21 07:31
NVD link : CVE-2022-47390
Mitre link : CVE-2022-47390
CVE.ORG link : CVE-2022-47390
JSON object : View
Products Affected
codesys
- control_for_iot2000_sl
- development_system_v3
- control_for_linux_sl
- control_for_beaglebone_sl
- control_for_raspberry_pi_sl
- control_for_plcnext_sl
- safety_sil2_psp
- control_for_pfc100_sl
- control_runtime_system_toolkit
- control_for_empc-a\/imx6_sl
- hmi_\(sl\)
- control_for_wago_touch_panels_600_sl
- control_win_\(sl\)
- control_for_pfc200_sl
- control_rte_\(for_beckhoff_cx\)_sl
- control_rte_\(sl\)
- safety_sil2_runtime_toolkit
CWE
CWE-787
Out-of-bounds Write