Known Vulnerabilities
CVE-2022-30792
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
CVE-2022-30791
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
CVE-2022-31805
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
CVE-2022-22515
A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.