CVE-2022-4048

Summary

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.

Affected Software

VendorProductVersion RangeStatus
CODESYSCODESYS Development System V3V0.0.0.0 < V3.5.18.40affected

Weaknesses

  • CWE-326: CWE-326 Inadequate Encryption Strength

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References