CVE-2023-37558

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 3, 2023
Updated: Aug 8, 2023
CWE ID 20

Summary

CVE-2023-37558 is a vulnerability affecting multiple versions of Codesys products. After successful authentication as a user, specific crafted network communication requests can cause the CmpAppForce component to read from an invalid address, potentially leading to a denial-of-service condition. The vulnerability has a base score of 6.5 (medium severity) and requires low privileges with no user interaction. It has a low attack complexity and can be exploited over a network. The potential danger to organizations is high, as it can lead to a loss of availability. To remediate the vulnerability, affected organizations should apply the necessary patches or updates provided by Codesys.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-37558 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options