CVE-2022-4224
CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
CODESYS · Control for BeagleBone SLCODESYS · Control for emPC-A/iMX6 SLCODESYS · Control for IOT2000 SLCODESYS · Control for Linux SLCODESYS · Control for PFC100 SLCODESYS · Control for PFC200 SLCODESYS · Control for PLCnext SLCODESYS · Control for Raspberry Pi SLCODESYS · Control for WAGO Touch Panels 600 SLCODESYS · Control RTE (for Beckhoff CX) SLCODESYS · Control RTE (SL)CODESYS · Control Win (SL)CODESYS · Development System V3CODESYS · HMI (SL)CODESYS · Runtime ToolkitCODESYS · Safety SIL2 PSPCODESYS · Safety SIL2 Runtime ToolkitWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →