EUVD-2023-41444

Malicious code in bioql PyPI...

EUVD-2023-41445

Malicious code in bioql PyPI...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47385)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

The vulnerability of the CmpAppForce component in CODESYS and Schneider Electric software products allows a hacker to execute arbitrary code.

The vulnerability of the CmpAppForce component in CODESYS and Schneider Electric software products relates to the ability to write data beyond the buffer boundaries into memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVE-2022-47385

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution...

CVE-2022-47385

CVE-2022-47385 affects CODESYS V3 runtime components (notably CmpAppForce) across multiple products/versions. After authentication, a crafted request can trigger a stack-based out-of-bounds write in CmpAppForce, risking denial-of-service, memory overwrite, or remote code execution. The related EN...

PT-2023-3473 · Schneider Electric +1 · Schneider Electric +1

Name of the Vulnerable Software and Affected Versions: CODESYS products affected versions not specified Schneider Electric products affected versions not specified Description: The issue is related to a stack-based out-of-bounds write vulnerability in the CmpAppForce Component. This vulnerability...