CVE-2023-37558

Name of the Vulnerable Software and Affected Versions CODESYS (affected versions not specified)

Description The issue is related to insufficient input validation in the CmpAppForce component of CODESYS products. This can be exploited by a remote attacker to cause a denial-of-service condition. Specifically, after successful user authentication, crafted network communication requests with inconsistent content can lead to the CmpAppForce component reading from an invalid internal address.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.