CVE Vulnerabilities

CVE-2023-37548

Published: Aug 03, 2023 | Modified: Aug 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550

Affected Software

Name Vendor Start Version End Version
Control_for_beaglebone_sl Codesys * 4.10.0.0 (excluding)
Control_for_empc-a/imx6_sl Codesys * 4.10.0.0 (excluding)
Control_for_iot2000_sl Codesys * 4.10.0.0 (excluding)
Control_for_linux_sl Codesys * 4.10.0.0 (excluding)
Control_for_pfc100_sl Codesys * 4.10.0.0 (excluding)
Control_for_pfc200_sl Codesys * 4.10.0.0 (excluding)
Control_for_plcnext_sl Codesys * 4.10.0.0 (excluding)
Control_for_raspberry_pi_sl Codesys * 4.10.0.0 (excluding)
Control_for_wago_touch_panels_600_sl Codesys * 4.10.0.0 (excluding)

References