CVE-2022-32138
published 2022-06-24CVE-2022-32138: In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | plcwinnt | >= 2.0 < 2.4.7.57 | 2.4.7.57 |
| codesys | plcwinnt | >= V2 < V2.4.7.57 | V2.4.7.57 |
| codesys | runtime_toolkit | >= 2.0 < 2.4.7.57 | 2.4.7.57 |
| codesys | runtime_toolkit | >= V2 < V2.4.7.57 | V2.4.7.57 |