Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2022-32137

Published: 24/06/2022 Updated: 01/07/2022
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Runtime Toolkit

Vulnerability Summary

In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

codesys runtime toolkit

codesys plcwinnt

Github Repositories

https://github.com/ic3sw0rd/Codesys_V2_Vulnerability

Commonly existing PLC Supply Chain Threats: Multiple critical vulnerabilities in Codesys Runtime Abstract We conducted an in-depth research on CODESYS V2 runtime and PLCs using this kernel (ABB AC500 PLCs) We found 11 vulnerabilities in CODESYS V2 runtime; 2 of all accepted vulnerabilities graded as critical, 7 as high risk, and 2 as medium risk These vulnerabilities a

References

CWE-122https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=https://nvd.nist.govhttps://github.com/ic3sw0rd/Codesys_V2_Vulnerability
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook