CVE-2022-43604

CVSS V2 None CVSS V3 None
Description
An out-of-bounds write vulnerability exists in the GetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out-of-bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
Overview
  • CVE ID
  • CVE-2022-43604
  • Assigner
  • talos-cna@cisco.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-16T21:15:11
  • Last Modified Date
  • 2023-03-23T18:55:03
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:opener_project:opener:*:*:*:*:*:*:*:* 1 OR 2022-10-18
References
Reference URL Reference Tags
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1661 Exploit Third Party Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 06:36:00 Added to TrackCVE
2023-04-17 06:36:03 Weakness Enumeration new