CVE-2022-32137

Description

In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS