Vulnerabilities > CVE-2022-1965 - Improper Handling of Exceptional Conditions vulnerability in Codesys Plcwinnt and Runtime Toolkit

047910
CVSS 8.1 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
codesys
CWE-755

Summary

Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.

Vulnerable Configurations

Part Description Count
Application
Codesys
2