CVE-2022-22514
Untrusted Pointer Dereference in multiple CODESYS products can lead to a DoS.
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Productos afectados
CODESYS · CODESYS Control for BeagleBone SLCODESYS · CODESYS Control for Beckhoff CX9020 SLCODESYS · CODESYS Control for emPC-A/iMX6 SLCODESYS · CODESYS Control for IOT2000 SLCODESYS · CODESYS Control for Linux SLCODESYS · CODESYS Control for PFC100 SLCODESYS · CODESYS Control for PFC200 SLCODESYS · CODESYS Control for PLCnext SLCODESYS · CODESYS Control for Raspberry Pi SLCODESYS · CODESYS Control for WAGO Touch Panels 600 SLCODESYS · CODESYS Control RTE (for Beckhoff CX) SLCODESYS · CODESYS Control RTE (SL)CODESYS · CODESYS Control Runtime System ToolkitCODESYS · CODESYS Control Win (SL)CODESYS · CODESYS Development System V3CODESYS · CODESYS Edge Gateway for LinuxCODESYS · CODESYS Edge Gateway for WindowsCODESYS · CODESYS Embedded Target Visu ToolkitCODESYS · CODESYS GatewayCODESYS · CODESYS HMI (SL)CODESYS · CODESYS Remote Target Visu Toolkit¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →