CVE-2022-4046 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-4046 PUBLISHED CVSS 8.800000190734863 HIGH

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

EPSS 0.76% · 73.2th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C

EPSS Score

0.76%

73.2th percentile

Affected Products

Vendor	Product	Versions
ABB	DCT880 memory unit incl. Power Optimizer
ABB	ACS880 IGBT Supply Control Program ALHLX < v3.43
ABB	DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3)
ABB	ACS880 IGBT Supply Control Program AISLX < v3.43
ABB	ACS880 Position Control Program APCLX <= v1.04.0.5
ABB	ACS880 Primary Control Program YINLX < v1.30
ABB	ACS880 IGBT Supply Control Program YLHLX < v1.30
ABB	ACS6080 Firmware Version >=LAAAA 2.10.0\|<=LAAAB 5.06.1
ABB	DCS880 memory unit incl. DEMag
ABB	DCS880 memory unit incl. DCC
ABB	ACS6000 Firmware Version >=LAAAA 2.10.0\|<=LAAAB 5.06.1
ABB	ACS880 IGBT Supply Control Program YISLX < v1.30
ABB	ACS880 Primary Control Program AINLX < v3.47
ABB	DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3)
ABB	ACS5000 Firmware Version >=LAAAB 4.03.0\|<= LAAAB 5.06.1
ABB	ACS880 Test Bench Control Program ATBLX <= v3.44.0.0

Timeline

Apr 11, 2023 CVE Published
Aug 4, 2023 EPSS Score
Sep 6, 2023 EPSS Score
Oct 9, 2023 EPSS Score
Nov 12, 2023 EPSS Score
Jan 17, 2024 EPSS Score
Feb 19, 2024 EPSS Score
Mar 23, 2024 EPSS Score
Apr 26, 2024 EPSS Score
May 29, 2024 EPSS Score
Jul 1, 2024 EPSS Score
Aug 3, 2024 EPSS Score

References

Open in Interactive Console →