Headline

CVE-2022-47390

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

1 year ago

CVE

Open in Source

#vulnerability #dos #rce #pdf #auth

%PDF-1.7 %�� 1 0 obj <>/Metadata 373 0 R/ViewerPreferences 374 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/Font<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��Wmo�6�n��>RD�]dH�$밢�u(�"Pm%�`K�"o�Oڿ�Qv�,�L��@6ES��{t읗��.�Tpv�;��t�9��Mo\,?�Əˬ�.��i5+��h��S?f�4+�}��w=2p��0�� ’�;�NS��*N��2�v~��ng3��[?Ì�ɢ��^��a�l�^�+E��O��Wu�w��mp��Z��T(��z�j��G��\�6/1�k�� !�EU��^E�5�/v�R�v8�5M��W*��*�hBi �� [�n��^�7d�v%�2�E��_GŚ\��k)��ky$�-:pf�OA��f�_�jn%�K9��wMSg��*,�ź>��y�3��c�-��X��4��(��;�Fo��cB1��f��~�^�A��&1x�e?g��-�\[��h9k٬Q!��2��<�:��+��-�цr��Љ�!�[��J�s��F�$�Y��Ȓ ��1��IV˩��7Y�ֳw��(!�(9x��~p9��њ�e�!5.�H��N��,�H��8C��9 ��yz/߭>�g>��}j��0��3C�aa��SA��s�N�� n��L�Z;��ǡ�o��o|��p.��@��ZFm�� nm�t�!;�@3G�|��m�p;THG �)O T��3�V *}�V͇’Ω�`��b�щ��JiKf(�E;��ڎ�qP4�څ�l��H��s\㫕nW�q��42��p}Br�cR5��ww��$��s$HZeQ��b�t!<޶%�%�G�!�8��ğ<�`1�m�m�0��d�F1v��N�+�~H�9a�Qی�ʧ۫�Ot>�y�i��AG�s��0˭��`��#G�z*�`

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of

1 year ago

The Hacker News

Open in Source

#vulnerability #microsoft #dos #intel #backdoor #rce #buffer_overflow #auth #The Hacker News