CVE-2022-47385

CVSS V2 None CVSS V3 None

Description

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Overview

CVE ID
CVE-2022-47385

Assigner
info@cert.vde.com

Vulnerability Status
Received

Published Version
2023-05-15T10:15:09

Last Modified Date
2023-05-15T10:15:09

Weakness Enumerations

CWE	URL
CWE-787	http://cwe.mitre.org/data/definitions/787.html

References

Reference URL	Reference Tags
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download=

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-47385
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47385

History

Created	Old Value	New Value	Data Type	Notes
2023-05-15 11:01:20				Added to TrackCVE
2023-05-15 11:01:23			Weakness Enumeration	new