Vulnerabilities > CVE-2022-32142 - Use of Out-of-range Pointer Offset vulnerability in Codesys Plcwinnt and Runtime Toolkit

047910
CVSS 5.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
codesys
CWE-823

Summary

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.

Vulnerable Configurations

Part Description Count
Application
Codesys
2

Common Weakness Enumeration (CWE)