CODESYS Control RTE (SL) — Vulnerabilities & Security Advisories 28

All 28 CVE vulnerabilities found in CODESYS Control RTE (SL), with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-3509	CODESYS Control Audit Log Format String DoS CWE-134	7.5	High	2026-03-24
CVE-2025-41660	CODESYS Control Boot Application Replacement Enables Code Execution CWE-669	8.8	High	2026-03-24
CVE-2025-41738	CODESYS Control - Invalid type usage in visualization CWE-843	7.5	High	2025-12-01
CVE-2022-47393	CODESYS: Multiple products prone to improperly restricted memory operations CWE-119	6.5	Medium	2023-05-15
CVE-2022-47392	CODESYS: Multiple products prone to Improper Input Validation CWE-20	6.5	Medium	2023-05-15
CVE-2022-47391	CODESYS: Multiple products prone to Improper Input Validation CWE-20	7.5	High	2023-05-15
CVE-2022-47390	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47389	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47388	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47387	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47386	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47385	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47384	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47383	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47382	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47381	CODESYS: Multiple products prone to stack based out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47380	CODESYS: Multiple products prone to out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47379	CODESYS: Multiple products prone to out-of-bounds write CWE-787	8.8	High	2023-05-15
CVE-2022-47378	CODESYS: Multiple products prone to Improper Input Validation CWE-20	6.5	Medium	2023-05-15
CVE-2022-22508	CODESYS V3: Improper Input Validation CWE-20	4.3	Medium	2023-05-15
CVE-2022-30792	CODESYS: CmpChannelServer, CmpChannelServerEmbedded allow unauthenticated attackers to block all their available communication channels CWE-400	7.5	High	2022-07-11
CVE-2022-30791	CODESYS V3: CmpBlkDrvTcp allows unauthenticated attackers to block all its available TCP connections CWE-400	7.5	High	2022-07-11
CVE-2022-22519	Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system. CWE-126	7.5	High	2022-04-07
CVE-2022-22517	Communication Components in multiple CODESYS products vulnerable to communication channel disruption CWE-334	7.5	High	2022-04-07
CVE-2022-22516	CODESYS driver SysDrv3S allows SYSTEM users on Microsoft Windows to read and write in restricted memory space. CWE-732	7.8	High	2022-04-07
CVE-2022-22515	A component of the CODESYS Control runtime system allows read and write access to configuration files CWE-668	8.1	High	2022-04-07
CVE-2022-22514	Untrusted Pointer Dereference in multiple CODESYS products can lead to a DoS. CWE-822	7.1	High	2022-04-07
CVE-2022-22513	Null Pointer Dereference in multiple CODESYS products can lead to a DoS. CWE-476	6.5	Medium	2022-04-07

All 28 known CVE vulnerabilities affecting CODESYS Control RTE (SL) with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

CODESYS Control RTE (SL) — Vulnerabilities & Security Advisories 28