CVE-2022-4046 | THREATINT

Description

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

Reserved 2022-11-17 | Published 2023-08-03 | Updated 2024-10-22 | Assigner CERTVDE

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Product status

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

Default status

affected

all

affected

References

cert.vde.com/en/advisories/VDE-2023-025/

cve.org (CVE-2022-4046)

nvd.nist.gov (CVE-2022-4046)

Download JSON