Headline
CVE-2022-47391
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
%PDF-1.7 %���� 1 0 obj <>/Metadata 365 0 R/ViewerPreferences 366 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��W�n�6�o�������U�cV4��EP���b�S�ny��ee�b�Lj9 dQ�{ν�������ܤ���*}���7,f�{ÇYֻHo’yZM��7��\ׯY:���Cr|�’��!����?����Ys�v�xBt����*N�&e����ɻ�e?���[|Ì%�i��{?Mo3MN ������R��&�ɼ�C|z�IBC�7��mp" ��ĉ�B�!0r��烤���y�s��3���b�ט�Xr��hp�qQUŴ٧gEQ�|�j��2��,�4�TZ��.�J"�PZ���*����(���U�M��$���0R� �,��j�0��y��E��9�َ�����F<Y�Yn,�Gs+9o�ɿn�86u48���CS�E3]���|����� fi���������i~K�,���?’!8�n��MxS�1�5����\���?4�$\�G.#q�l��]¹��kK?Z�Z6k���b�Y����}SHy!�kh-��b�\��Љ��ڜ���i�4�d�0����6���H��!��l�GZ��,L�7S�$�H9x����8|Z��2�:!��G���RcuT�.��@����xX~})��O�|W�1�C>��ӕ�"w�g�J�~[�ڦ�lL�7��5v��l]SBo����������s��|վ,83T־]��+۷+8�}f��f4f��:+3e����]�8�t���ר^�߸B��4K�< `�}���kwZ��+�������,�V�*�¶d�2���)�I,�0��g;�j��_2U���s*81(�j$q��-+��-�K�-/�6�nݣ�Aь��e]>;5�{��D�1ƭV��Zw3�"�H���z���gR5���;���D��I�,��}�X*g%�������P�V���,���F�_�եk!e�I�U�x��v (�\��N��6{7`l�ѝ�p�,�����0K��G�b9���ef5���42��8A��=�b��܁-�-g*���k��m��j�$��tK������eF`��5u��WV��u����Q] �g��iс��<� ��G�X�t��戛����e�r?��J ?ɏ�� endstream endobj 5 0 obj <> stream ����JFIF``��JExifMM*2:(``��XICC_PROFILEHLinomntrRGB XYZ � 1acspMSFTIEC sRGB���-HP cprtP3desc�lwtpt�bkptrXYZgXYZ,bXYZ@dmndTpdmdd��vuedL�view�$lumi�meas$tech0rTRC<gTRC<bTRC<textCopyright © 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ �Q�XYZ XYZ o�8��XYZ b����XYZ $����descIEC http://www.iec.chIEC http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condition in IEC61966-2.1,Reference Viewing Condition in IEC61966-2.1view��_.���\�XYZ L VPW�meas�sig CRT curv #(-27;@EJOTY^chmrw|������������������������� %+28>ELRY`gnu|����������������&/8AKT]gqz������������!-8COZfr~���������� -;HUcq~��������� +:IXgw��������’7HYj{�������+=Oat�������2FZn������� % : O d y � � � � � � ' = T j � � � � � �"9Qi������*C\u����� & @ Z t � � � � �.Id���� %A^z���� &Ca~����1Om����&Ed����#Cc����’Ij����4Vx���&Il����Ae����@e���� Ek���*Qw���;c���*R{���Gp���@j���>i��� A l � � �!!H!u!�!�!�"’"U"�"�"�# #8#f#�#�#�$$M$|$�$�% %8%h%�%�%�&’&W&�&�&�’’I’z’�’�( (?(q(�(�))8)k)�)�**5*h*�*�++6+i+�+�,,9,n,�,�--A-v-�-�..L.�.�.�/$/Z/�/�/�050l0�0�11J1�1�1�2*2c2�2�3 3F33�3�4+4e4�4�55M5�5�5�676r6�6�7$7`7�7�88P8�8�99B99�9�:6:t:�:�;-;k;�;�<’
Related news
A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of