CVE-2023-37558
published 2023-08-03CVE-2023-37558: After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
Affected
31 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | codesys_control_for_beaglebone_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_empc-a_imx6_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_iot2000_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_linux_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_pfc100_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_pfc200_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_plcnext_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_raspberry_pi_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_for_wago_touch_panels_600_sl | < V4.10.0.0 | V4.10.0.0 |
| codesys | codesys_control_rte | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_control_rte_sl | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_control_runtime_system_toolkit | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_control_win | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_development_system_v3 | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_hmi | < V3.5.19.20 | V3.5.19.20 |
| codesys | codesys_safety_sil2_runtime_toolkit | < V3.5.19.20 | V3.5.19.20 |
| codesys | control_for_beaglebone_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_empc-a_imx6_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_iot2000_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_linux_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_pfc100_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_pfc200_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_plcnext_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_raspberry_pi_sl | < 4.10.0.0 | 4.10.0.0 |
| codesys | control_for_wago_touch_panels_600_sl | < 4.10.0.0 | 4.10.0.0 |