Vulnerability Description
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Codesys | Control Rte Sl | < 3.5.18.0 |
| Codesys | Control Rte Sl \(For Beckhoff Cx\) | < 3.5.18.0 |
| Codesys | Control Win Sl | < 3.5.18.0 |
| Codesys | Development System | < 3.5.18.0 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169Vendor Advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169Vendor Advisory
FAQ
What is CVE-2022-22516?
CVE-2022-22516 is a vulnerability with a CVSS score of 7.8 (HIGH). The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.
How severe is CVE-2022-22516?
CVE-2022-22516 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22516?
Check the references section above for vendor advisories and patch information. Affected products include: Codesys Control Rte Sl, Codesys Control Rte Sl \(For Beckhoff Cx\), Codesys Control Win Sl, Codesys Development System, Microsoft Windows.