QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-47392

Back to search

CVE-2022-47392

Published: May 15, 2023

Modified: Mar 5, 2025

PUBLISHED

CVSS v3.1

6.5

MEDIUM

Description

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.

VendorProductVersions

CODESYS

CODESYS Control RTE (SL)

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Control RTE (for Beckhoff CX) SL

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Control Win (SL)

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Control Runtime System Toolkit

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Safety SIL2 Runtime Toolkit

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Safety SIL2 PSP

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS HMI (SL)

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Development System V3

affected
V0.0.0.0 - < V3.5.19.0

CODESYS

CODESYS Control for BeagleBone SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for emPC-A/iMX6 SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for IOT2000 SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for Linux SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for PFC100 SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for PFC200 SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for PLCnext SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for Raspberry Pi SL

affected
V0.0.0.0 - < V4.8.0.0

CODESYS

CODESYS Control for WAGO Touch Panels 600 SL

affected
V0.0.0.0 - < V4.8.0.0

Weaknesses (CWE)

CWE-20

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2022-47392 | MEDIUM (6.5) - Security Vulnerability | QwikSec