CVE-2023-37549

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 3, 2023
Updated: Aug 7, 2023
CWE ID 20

Summary

CVE-2023-37549 is a vulnerability affecting multiple versions of Codesys products. After a successful user authentication, certain maliciously crafted network communication requests with inconsistent content can cause the CmpApp component to access an invalid memory address. This issue results in a denial-of-service condition and is distinct from vulnerabilities CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, and CVE-2023-37550.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • CODESYS Development System
  • CODESYS Control Win (SL)
  • CODESYS HMI
  • CODESYS Control RTE (SL)
  • CODESYS Control for BeagleBone SL

Affected Vendors

  • Codesys
  • 3S-Smart Software Solutions

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-37549 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions