CVE-2022-32140
published 2022-06-24CVE-2022-32140: Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | plcwinnt | >= 2.0 < 2.4.7.57 | 2.4.7.57 |
| codesys | plcwinnt | >= V2 < V2.4.7.57 | V2.4.7.57 |
| codesys | runtime_toolkit | >= 2.0 < 2.4.7.57 | 2.4.7.57 |
| codesys | runtime_toolkit | >= V2 < V2.4.7.57 | V2.4.7.57 |