Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-47391

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

CVE
#vulnerability#dos#pdf#auth

%PDF-1.7 %���� 1 0 obj <>/Metadata 365 0 R/ViewerPreferences 366 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��W�n�6�o�������U�cV4�� EP���b�S�ny��ee� b�Lj9 dQ�{ν�������ܤ���*}���7,f�{ÇYֻHo’yZM��7��\ׯY:���Cr|�’��!����?����Ys�v�xBt����*N�&e���� ɻ�e?���[|Ì%�i��{?Mo3MN ������R��&�ɼ�C|z�IBC�7��mp" ��ĉ�B�! 0r��烤���y�s��3���b�ט�Xr��hp�qQUŴ٧gEQ�|�j��2��,�4 �TZ��.�J"�PZ���*����(���U�M��$���0R� �,��j�0��y��E��9�َ�����F<Y�Yn,�Gs+9o�ɿn�86u48���CS�E3]���|�� ��� fi���������i~K�,���?’!8�n��MxS �1�5����\���?4�$\�G.#q�l��]¹��kK?Z�Z6k���b�Y����}SHy !�kh-��b�\��Љ��ڜ���i�4�d�0����6���H��!��l�GZ��,L�7S�$�H9x����8|Z��2�:!��G���RcuT�.��@����xX񙢧~})��O�|W�1�C>��ӕ�"w�g�J�~[�ڦ�lL�7��5v��l]SBo����������s��|վ,83T־]��+۷+8�}f��f4f��:+3e����]�8�t���ר^�߸B��4K�< `�}���kwZ��+�������,�V�*�¶d�2���)�I,�0��g;�j��_2U���s*81(�j$q��-+��-�K�-/�6�nݣ�Aь��e]>;5�{��D�1ƭV��Zw3�"�H���z���gR5���;���D��I�,��}�X*g%� ������P�V���,���F�_�եk!e�I�U�x��v (�\��N��6{ 7`l�ѝ�p�,�����0K��G�b9���ef5���42��8A��=�b��܁-�-g*���k��m��j�$� �tK������eF`��5u��WV��u����Q] �g��iс��<� ��G�X�t��戛����e�r?��J ?ɏ�� endstream endobj 5 0 obj <> stream ����JFIF``��JExifMM*2:(``�� XICC_PROFILE HLinomntrRGB XYZ � 1acspMSFTIEC sRGB���-HP cprtP3desc�lwtpt�bkptrXYZgXYZ,bXYZ@dmndTpdmdd��vuedL�view�$lumi�meas $tech0 rTRC< gTRC< bTRC< textCopyright © 1998 Hewlett-Packard CompanydescsRGB IEC61966-2.1sRGB IEC61966-2.1XYZ �Q�XYZ XYZ o�8��XYZ b����XYZ $����descIEC http://www.iec.chIEC http://www.iec.chdesc.IEC 61966-2.1 Default RGB colour space - sRGB.IEC 61966-2.1 Default RGB colour space - sRGBdesc,Reference Viewing Condition in IEC61966-2.1,Reference Viewing Condition in IEC61966-2.1view��_.��� \�XYZ L VPW�meas�sig CRT curv #(-27;@EJOTY^chmrw|������������������������� %+28>ELRY`gnu|���������������� &/8AKT]gqz������������ !-8COZfr~���������� -;HUcq~��������� +:IXgw��������’7HYj{�������+=Oat������� 2FZn�������  % : O d y � � � � � �  ' = T j � � � � � � " 9 Q i � � � � � �  * C \ u � � � � � & @ Z t � � � � �.Id���� %A^z���� &Ca~����1Om����&Ed����#Cc����’Ij����4Vx���&Il����Ae����@e���� Ek���*Qw���;c���*R{���Gp���@j���>i���  A l � � �!!H!u!�!�!�"’"U"�"�"�# #8#f#�#�#�$$M$|$�$�% %8%h%�%�%�&’&W&�&�&�’’I’z’�’�( (?(q(�(�))8)k)�)�**5*h*�*�++6+i+�+�,,9,n,�,�- -A-v-�-�..L.�.�.�/$/Z/�/�/�050l0�0�11J1�1�1�2*2c2�2�3 3F33�3�4+4e4�4�55M5�5�5�676r6�6�7$7`7�7�88P8�8�99B99�9�:6:t:�:�;-;k;�;�<’

Related news

15 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907