Vulnerability Description
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Codesys | Control For Beaglebone Sl | < 4.7.0.0 |
| Codesys | Control For Empc-A\/Imx6 Sl | < 4.7.0.0 |
| Codesys | Control For Iot2000 Sl | < 4.7.0.0 |
| Codesys | Control For Linux Sl | < 4.7.0.0 |
| Codesys | Control For Pfc100 Sl | < 4.7.0.0 |
| Codesys | Control For Pfc200 Sl | < 4.7.0.0 |
| Codesys | Control For Plcnext Sl | < 4.7.0.0 |
| Codesys | Control For Raspberry Pi Sl | < 4.7.0.0 |
| Codesys | Control For Wago Touch Panels 600 Sl | < 4.7.0.0 |
| Codesys | Control Rte \(For Beckhoff Cx\) Sl | < 3.5.18.40 |
| Codesys | Control Rte \(Sl\) | < 3.5.18.40 |
| Codesys | Control Runtime System Toolkit | < 3.5.18.40 |
| Codesys | Control Win \(Sl\) | < 3.5.18.40 |
| Codesys | Hmi \(Sl\) | < 3.5.18.40 |
Related Weaknesses (CWE)
References
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b282Vendor Advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b282Vendor Advisory
FAQ
What is CVE-2022-22508?
CVE-2022-22508 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
How severe is CVE-2022-22508?
CVE-2022-22508 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22508?
Check the references section above for vendor advisories and patch information. Affected products include: Codesys Control For Beaglebone Sl, Codesys Control For Empc-A\/Imx6 Sl, Codesys Control For Iot2000 Sl, Codesys Control For Linux Sl, Codesys Control For Pfc100 Sl.