CVE-2022-47392

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

0.31%

MITRE

KEV

Description

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47388

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

2.30%

MITRE

KEV

Description

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47389

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

4.37%

MITRE

KEV

Description

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47379

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

2.81%

MITRE

KEV

Description

An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47386

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

2.30%

MITRE

KEV

Description

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47391

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

23 Jan 2025

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.59%

MITRE

KEV

Description

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47380

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

2.30%

MITRE

KEV

Description

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago

CVE-2022-47378

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

0.41%

MITRE

KEV

Description

Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.

Statistics

1 Post

Last activity: 10 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2026-003
Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
#CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

https://certvde.com/en/advisories/vde-2026-003/

#CSAF https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-003.json

0
0
0
10h ago