CVE-2022-47380

An authenticated remote attacker may use a stack based  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_rte_\(for_beckhoff_cx\)_sl:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_rte_\(sl\):*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:control_win_\(sl\):*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:hmi_\(sl\):*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:safety_sil2_psp:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:safety_sil2_runtime_toolkit:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:31

Type Values Removed Values Added
References () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= - Vendor Advisory () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= - Vendor Advisory

Information

Published : 2023-05-15 10:15

Updated : 2024-11-21 07:31


NVD link : CVE-2022-47380

Mitre link : CVE-2022-47380

CVE.ORG link : CVE-2022-47380


JSON object : View

Products Affected

codesys

  • control_for_raspberry_pi_sl
  • development_system_v3
  • control_for_empc-a\/imx6_sl
  • control_rte_\(for_beckhoff_cx\)_sl
  • control_rte_\(sl\)
  • control_for_pfc100_sl
  • control_runtime_system_toolkit
  • safety_sil2_psp
  • hmi_\(sl\)
  • control_for_linux_sl
  • safety_sil2_runtime_toolkit
  • control_for_wago_touch_panels_600_sl
  • control_for_pfc200_sl
  • control_for_iot2000_sl
  • control_win_\(sl\)
  • control_for_plcnext_sl
  • control_for_beaglebone_sl
CWE
CWE-787

Out-of-bounds Write