CVE-2022-32138

Summary

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

Affected Software

VendorProductVersion RangeStatus
CODESYSRuntime ToolkitV2 < V2.4.7.57affected
CODESYSPLCWinNTV2 < V2.4.7.57affected

Weaknesses

  • CWE-194: CWE-194: Unexpected Sign Extension

ADP Enrichment

CVE Program Container

Additional References

References