3 matches found
CVE-2022-43606
A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a seri...
CVE-2022-43606
Summary (CVE-2022-43606) : In EIP Stack Group OpENer (development commit 58ee13c), a use-of-uninitialized-pointer occurs in the Forward Open connection_management_entry, when processing a specially crafted EtherNet/IP request. This can lead to a crash (server segmentation fault) due to dereferenc...
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Jared Rittle of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three vulnerabilities in EIP Stack Group OpENer, an ethernet/IP stack for I/O adapter devices, that could allow an attacker to cause a targeted server to crash or open the door to remote code execution...