CVE Vulnerabilities

CVE-2022-32141

Buffer Over-read

Published: Jun 24, 2022 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.

Weakness

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Affected Software

Name Vendor Start Version End Version
Plcwinnt Codesys 2.0 (including) 2.4.7.57 (excluding)
Runtime_toolkit Codesys 2.0 (including) 2.4.7.57 (excluding)

References