Inadequate Encryption Strength in CODESYS Development System V3: Unauthorized Access and Code Manipulation

Inadequate Encryption Strength in CODESYS Development System V3: Unauthorized Access and Code Manipulation

CVE-2022-4048 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.

Learn more about our Web Application Penetration Testing UK.