A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.
https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01
https://www.cisa.gov/news-events/ics-advisories/icsa-25-329-05
https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=
Source: Mitre, NVD
Published: 2022-04-07
Updated: 2026-06-17
Base Score: 4.9
Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N
Severity: Medium
Base Score: 8.1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: High
EPSS: 0.00072