Codesys Development System V3
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Codesys Development System V3.
By the Year
In 2026 there have been 0 vulnerabilities in Codesys Development System V3. Development System V3 did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 17 | 8.25 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 0.00 |
It may take a day or so for new Development System V3 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Codesys Development System V3 Security Vulnerabilities
CODESYS DS buffer overflow via improper op restriction
CVE-2022-47393
6.5 - Medium
- May 15, 2023
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
Buffer Overflow
Denial-of-service via Improper Input Validation in CODESYS CmpApp Components
CVE-2022-47392
6.5 - Medium
- May 15, 2023
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
Improper Input Validation
CODESYS CmpTraceMgr Stack OOB Write RCE
CVE-2022-47384
8.8 - High
- May 15, 2023
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS Input Validation Flaw Allows Remote DoS via Invalid Address Reads
CVE-2022-47391
7.5 - High
- May 15, 2023
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
Improper Input Validation
Input Validation Flaw in CODESYS Enables Authenticated Remote DoS
CVE-2022-47378
6.5 - Medium
- May 15, 2023
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
Improper Input Validation
Inadequate Encryption in CODESYS DS V3 prior to 3.5.18.40
CVE-2022-4048
7.7 - High
- May 15, 2023
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.
Inadequate Encryption Strength
CODESYS OOB Write in Products RCE/DoS
CVE-2022-47379
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS OOB Stack Write CVE-2022-47380 Enables RCE
CVE-2022-47380
8.8 - High
- May 15, 2023
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS stack OOB write leads to RCE and DoS
CVE-2022-47381
8.8 - High
- May 15, 2023
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS CmpTraceMgr OOB stack write allows RCE
CVE-2022-47382
8.8 - High
- May 15, 2023
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
Stack OOB Write in CODESYS CmpTraceMgr RCE / DoS
CVE-2022-47383
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CVE-2022-47385: CODESYS CmpAppForce Stack OOB Write RCE/DoS
CVE-2022-47385
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS CmpTraceMgr OOB Stack Write Remote Code Exec
CVE-2022-47386
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
Stack OOB Write in CODESYS CmpTraceMgr Enables RCE
CVE-2022-47387
8.8 - High
- May 15, 2023
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS CmpTraceMgr OOB Stack Write RCE
CVE-2022-47388
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS CmpTraceMgr OOB Stack Write DoS/Remote Code Exec
CVE-2022-47389
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
CODESYS CmpTraceMgr Stack OOB Write Enables Remote Code Execution
CVE-2022-47390
8.8 - High
- May 15, 2023
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
Memory Corruption
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
CVE-2018-20026
- February 19, 2019
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could
CVE-2018-10612
- January 29, 2019
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.
Authorization
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Codesys Development System V3 or by Codesys? Click the Watch button to subscribe.
