CVE-2022-32142

Summary

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.

Affected Software

VendorProductVersion RangeStatus
CODESYSRuntime ToolkitV2 < V2.4.7.57affected
CODESYSPLCWinNTV2 < V2.4.7.57affected

Weaknesses

  • CWE-823: CWE-823 Use of Out-of-range Pointer Offset

ADP Enrichment

CVE Program Container

Additional References

References