Headline

CVE-2022-31804

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.

2 years ago

CVE

Open in Source

#pdf #auth

%PDF-1.7 %�� 1 0 obj <>/Metadata 361 0 R/ViewerPreferences 362 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��Wmo�H��؏듼��]WR תU[�˩BU�C9��^~��I1�D��z癙g��N��:��$:-�t�9�a4��"�ޥ��<-��

CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. "These vulnerabilities are simple to exploit, and they can be successfully exploited to cause consequences such as sensitive information leakage, PLCs entering a severe fault state, and arbitrary code

2 years ago

The Hacker News

Open in Source

#vulnerability #web #ios #dos #auth #The Hacker News