CVE-2023-22424

Name of the Vulnerable Software and Affected Versions Kostac PLC Programming Software versions 1.6.9.0 and earlier

Description A use-after-free issue exists in the software. When an abnormal value is given as the maximum number of columns for the PLC program, the process accesses freed memory. This can lead to information disclosure and/or arbitrary code execution when opening a specially crafted project file.

Recommendations For versions 1.6.9.0 and earlier, update to a version later than 1.6.9.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.