CVE-2022-32142
8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CODESYS | Runtime Toolkit | V2 < V2.4.7.57 | affected |
| CODESYS | PLCWinNT | V2 < V2.4.7.57 | affected |
Weaknesses
- CWE-823: CWE-823 Use of Out-of-range Pointer Offset
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.