CVE-2022-32138

High

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a…

CERTVDE·CWE-194·Published 2022-06-24

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

177 chars

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

NVDen

177 chars

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

En diversos productos CODESYS, un atacante remoto puede diseñar una petición que puede causar una extensión de signo inesperada, resultando en una condición de negación de servicio o sobreescritura de memoria

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.5	8.0	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H