CVE-2022-47391

Q: What is the severity of CVE-2022-47391?

CVE-2022-47391 has a CVSS score of 7.5 (HIGH). CVE-2022-47391 is an improper input validation vulnerability in multiple CODESYS products that allows unauthorized remote attackers to read from invalid memory addresses, potentially causing denial of service. This affects industrial control systems using vulnerable CODESYS software versions.

7.5 HIGH

Denial of Service

📋 TL;DR

CVE-2022-47391 is an improper input validation vulnerability in multiple CODESYS products that allows unauthorized remote attackers to read from invalid memory addresses, potentially causing denial of service. This affects industrial control systems using vulnerable CODESYS software versions.

💻 Affected Systems

Products:

CODESYS Control runtime systems
CODESYS Development System
CODESYS Gateway

Versions: Multiple versions prior to V3.5.19.0

Operating Systems: Windows, Linux, Various real-time operating systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects CODESYS products in default configurations when network services are enabled

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or unavailability of industrial control systems leading to production downtime

🟠

Likely Case

Service disruption of CODESYS applications causing temporary operational impact

🟢

If Mitigated

Minimal impact with proper network segmentation and access controls

🌐 Internet-Facing: HIGH - Remote unauthenticated exploitation possible

🏢 Internal Only: MEDIUM - Requires network access but no authentication

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Vulnerability requires network access to CODESYS services but no authentication

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V3.5.19.0 and later

Vendor Advisory: https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=

Restart Required: Yes

Instructions:

1. Download latest CODESYS version from vendor portal 2. Backup current configuration 3. Install update following vendor instructions 4. Restart affected systems 5. Verify functionality

🔧 Temporary Workarounds

Network Segmentation

all

Isolate CODESYS systems from untrusted networks

Service Restriction

all

Disable unnecessary CODESYS network services

🧯 If You Can't Patch

Implement strict network access controls to limit exposure
Monitor systems for abnormal behavior and implement compensating controls

🔍 How to Verify

Check if Vulnerable:

Check CODESYS version against affected versions list in vendor advisory

Check Version:

Check CODESYS About dialog or version files in installation directory

Verify Fix Applied:

Verify installed version is V3.5.19.0 or later

📡 Detection & Monitoring

Log Indicators:

Unexpected service restarts
Memory access errors in system logs
Connection attempts to CODESYS ports

Network Indicators:

Traffic to CODESYS default ports (1217, 2455, etc.) from unauthorized sources
Abnormal packet patterns to CODESYS services

SIEM Query:

source_port IN (1217, 2455) AND dest_ip IN (CODESYS_IPS) AND NOT src_ip IN (ALLOWED_NETWORKS)

📊 Metadata

CVE ID: CVE-2022-47391

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-20

Published: May 15, 2023

Last Updated: July 17, 2025

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Control For Beaglebone Sl by Codesys

Control For Empc A\/imx6 Sl by Codesys

Control For Iot2000 Sl by Codesys

Control For Linux Sl by Codesys

Control For Pfc100 Sl by Codesys

Control For Pfc200 Sl by Codesys

Control For Plcnext Sl by Codesys

Control For Raspberry Pi Sl by Codesys

Control For Wago Touch Panels 600 Sl by Codesys

Control Rte \(for Beckhoff Cx\) Sl by Codesys

Control Rte Sl by Codesys

Control Runtime System Toolkit by Codesys

Control Win Sl by Codesys

Development System V3 by Codesys

Hmi Sl by Codesys

Safety Sil2 Psp by Codesys

Safety Sil2 Runtime Toolkit by Codesys