Stack overflow

2023-05-1510:15:00

PRIOn knowledge base

www.prio-n.com

authenticated remote attacker

denial-of-service

memory overwriting

remote code execution

nvd

vulnerability

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.7%

JSON

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CPENameOperatorVersion
control_for_beaglebone_sllt3.5.19.0
control_for_empc-a\\/imx6_sllt3.5.19.0
control_for_iot2000_sllt3.5.19.0
control_for_linux_sllt3.5.19.0
control_for_pfc100_sllt3.5.19.0
control_for_pfc200_sllt3.5.19.0
control_for_plcnext_sllt3.5.19.0
control_for_raspberry_pi_sllt3.5.19.0
control_for_wago_touch_panels_600_sllt3.5.19.0
control_rte_\\(for_beckhoff_cx\\)_sllt4.8.0.0

Name	Operator	Version
control_for_beaglebone_sl	lt	3.5.19.0
control_for_empc-a\\/imx6_sl	lt	3.5.19.0
control_for_iot2000_sl	lt	3.5.19.0
control_for_linux_sl	lt	3.5.19.0
control_for_pfc100_sl	lt	3.5.19.0
control_for_pfc200_sl	lt	3.5.19.0
control_for_plcnext_sl	lt	3.5.19.0
control_for_raspberry_pi_sl	lt	3.5.19.0
control_for_wago_touch_panels_600_sl	lt	3.5.19.0
control_rte_\\(for_beckhoff_cx\\)_sl	lt	4.8.0.0