CVE-2022-32139

Description

In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required.

Related CPE's

acodesysruntime_toolkit******x86*

acodesysplcwinnt********

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=

MitigationVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

4

VectorString

AV:N/AC:L/Au:S/C:N/I:N/A:P

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE

Created by Yello
About Severity.io