CVE-2022-4046 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Control FOR Beaglebone SL

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

8.8HIGHNVD

EPSS

0.8%

top 26.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Codesys Control FOR Beaglebone SL Codesys Control FOR Empc-a Imx6 SL Codesys Control FOR Iot2000 SL +11 more

Timeline

PublishedAug 3

Description

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages14 packages

▶CVEListV5codesys/codesys_control_rteall

▶CVEListV5codesys/codesys_control_winall

▶CVEListV5codesys/codesys_control_rte_slall

▶CVEListV5codesys/codesys_control_for_linux_slall

▶CVEListV5codesys/codesys_control_for_pfc100_slall

🔴Vulnerability Details

GHSA

GHSA-w93c-fgm5-qf42: In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user p↗2023-08-03

▶

CVEList

CODESYS: Improper memory restrictions fro CODESYS Control↗2023-08-03

▶

📋Vendor Advisories

Microsoft

Microsoft Office Information Disclosure Vulnerability↗2022-02-08

▶