CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22516 – CODESYS driver SysDrv3S allows SYSTEM users on Microsoft Windows to read and write in restricted memory space.
https://notcve.org/view.php?id=CVE-2022-22516
07 Apr 2022 — The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. El controlador SysDrv3S del sistema de tiempo de ejecución de CODESYS Control en Microsoft Windows permite a cualquier usuario del sistema leer y escribir en un espacio de memoria restringido • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download= • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2022-22513 – Null Pointer Dereference in multiple CODESYS products can lead to a DoS.
https://notcve.org/view.php?id=CVE-2022-22513
07 Apr 2022 — An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. Un atacante remoto autenticado puede causar una desreferencia de puntero null en el componente CmpSettings de los productos CODESYS afectados, lo que conlleva a un bloqueo • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download= • CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-34599 – Improper Certificate Validation in CODESYS Git
https://notcve.org/view.php?id=CVE-2021-34599
01 Dec 2021 — Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack. Las versiones afectadas de CODESYS Git en Versiones anteriores a V1.1.0.0, carecen de l... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download • CWE-295: Improper Certificate Validation •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-12068
https://notcve.org/view.php?id=CVE-2020-12068
14 May 2020 — An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. Se detectó un problema en CODESYS Development System versiones anteriores a 3.5.16.0. CODESYS WebVisu y CODESYS Remote TargetVisu son susceptibles a una escalada de privilegios. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13136&token=c267875c01ea70bc9613bc39c684eedc17f55420&download= •