CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-1965

Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.9%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 5.5

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=

Products affected by CVE-2022-1965

Codesys » Plcwinnt » Version: 2.4.7.54

cpe:2.3:a:codesys:plcwinnt:2.4.7.54
Codesys » Runtime Toolkit » Version: 2.4.7.54

cpe:2.3:a:codesys:runtime_toolkit:2.4.7.54

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1965

Products

Pricing

Contact Us