CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 6.8

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=

Products affected by CVE-2022-31806

Codesys » Plcwinnt » Version: N/A

cpe:2.3:a:codesys:plcwinnt:-
Codesys » Plcwinnt » Version: 2.4.7.54

cpe:2.3:a:codesys:plcwinnt:2.4.7.54
Codesys » Runtime Toolkit » Version: N/A

cpe:2.3:a:codesys:runtime_toolkit:-
Codesys » Runtime Toolkit » Version: 2.4.7.54

cpe:2.3:a:codesys:runtime_toolkit:2.4.7.54

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31806

Products

Pricing

Contact Us