CVE-2022-32142 - OpenCVE

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Codesys	Plcwinnt Runtime Toolkit

Configuration 1 [-]

OR	cpe:2.3:a:codesys:plcwinnt::::::::
	cpe:2.3:a:codesys:runtime_toolkit:::::::x86:*

References

Link	Resource
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2022-06-15T00:00:00

Updated: 2022-06-24T07:46:28

Reserved: 2022-05-31T00:00:00

Link: CVE-2022-32142

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-06-24T08:15:08.103

Modified: 2022-07-01T13:39:07.487

Link: CVE-2022-32142

JSON object: View

Redhat Information

No data.

CWE

CWE-823

{"containers": {"cna": {"affected": [{"platforms": ["32 bit"], "product": "Runtime Toolkit", "vendor": "CODESYS", "versions": [{"lessThan": "V2.4.7.57", "status": "affected", "version": "V2", "versionType": "custom"}]}, {"product": "PLCWinNT", "vendor": "CODESYS", "versions": [{"lessThan": "V2.4.7.57", "status": "affected", "version": "V2", "versionType": "custom"}]}], "datePublic": "2022-06-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-24T07:46:28", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download="}], "source": {"discovery": "UNKNOWN"}, "title": "CODESYS runtime system prone to denial of service due to use of out of range pointer", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2022-06-15T07:38:00.000Z", "ID": "CVE-2022-32142", "STATE": "PUBLIC", "TITLE": "CODESYS runtime system prone to denial of service due to use of out of range pointer"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Runtime Toolkit", "version": {"version_data": [{"platform": "32 bit", "version_affected": "<", "version_name": "V2", "version_value": "V2.4.7.57"}]}}, {"product_name": "PLCWinNT", "version": {"version_data": [{"version_affected": "<", "version_name": "V2", "version_value": "V2.4.7.57"}]}}]}, "vendor_name": "CODESYS"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-823 Use of Out-of-range Pointer Offset"}]}]}, "references": {"reference_data": [{"name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download=", "refsource": "CONFIRM", "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download="}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2022-32142", "datePublished": "2022-06-15T00:00:00", "dateReserved": "2022-05-31T00:00:00", "dateUpdated": "2022-06-24T07:46:28", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codesys:plcwinnt:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B26FF87-3FCD-496E-97C5-A1E4F6AACCB1", "versionEndExcluding": "2.4.7.57", "versionStartIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:x86:*", "matchCriteriaId": "CF74E74E-4EF8-4C84-A9A1-612AB7FC88BA", "versionEndExcluding": "2.4.7.57", "versionStartIncluding": "2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required."}, {"lang": "es", "value": "Diversos productos CODESYS son propensos a un acceso de lectura o escritura fuera de l\u00edmites. Un atacante remoto poco privilegiado puede dise\u00f1ar una petici\u00f3n con un desplazamiento no v\u00e1lido, lo que puede causar un acceso de lectura o escritura fuera de l\u00edmites, resultando en una condici\u00f3n de denegaci\u00f3n de servicio o a una sobreescritura de la memoria local, lo que puede conllevar a un cambio de los archivos locales. No es requerida una interacci\u00f3n del usuario"}], "id": "CVE-2022-32142", "lastModified": "2022-07-01T13:39:07.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2022-06-24T08:15:08.103", "references": [{"source": "info@cert.vde.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17139&token=ec67d15a433b61c77154166c20c78036540cacb0&download="}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-823"}], "source": "info@cert.vde.com", "type": "Primary"}]}