cbcvebase.
CVE-2022-43606
published 2023-03-16

CVE-2022-43606: A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit…

PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
8.05%
94.1th percentile
A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.

Affected

2 ranges
VendorProductVersion rangeFixed in
eip_stack_groupopener
opener_projectopener< 2022-10-182022-10-18
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.