Headline
CVE-2022-47390
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
%PDF-1.7 %���� 1 0 obj <>/Metadata 373 0 R/ViewerPreferences 374 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��Wmo�6�n���>RD�]dH�$밢�u(�"Pm%�`K�"o�Oڿ�Qv�,�L���@6ES���{t읗��.�Tpv�;��t�9��Mo\,?�Əˬ�.���i5+��h���S?f�4+�}��w=2p������0���� ’�;�NS��*N��2�v~��ng3���[?Ì�ɢ��^����a�l�^�+E��O���Wu�w��mp��Z��T(����z�j�����G���\�6/1�k�� ��!�EU��^E�5�/v�R�v8�5M��W*�����*�hBi �� ��[�n��^�7d�v%�2�E��_GŚ\��k)��ky$�-:pf�OA��f�_�jn%�K9��wMSg�����*,�ź>���y�3��c�-������X��4������(���;�Fo��cB1��f���~�^�A��&1x�e?g�����-�\[��h9k٬Q!��2���<�:��+�����-�цr����Љ�!�[��J�s��F�$�Y��Ȓ ��1��IV˩���7Y�ֳw��(!�(9x��~p9��њ�e�!5.�H���N��,�H����8C��9 ��yz/߭>�g>��}j��0����3C�aa���SA��s�N���� ��n��L�Z;������ǡ�o������o|����p.��@����ZFm�� �nm�t�!;�@3G�|���m�p;THG �)O T���3�V *}�V͇’Ω�`��b�щ���JiKf(�E;��ڎ�qP4�څ�l��H������s\㫕nW�q��42���p}Br�cR5��ww��$��s$HZeQ���b�t!<%�%�G�!�8��ğ<�`1�m�m�0�����d�F1v�������N�+�~H�9a�Qی�ʧ۫�Ot>�y�i��AG�s��0˭��`����#G�z*�`
Related news
A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of