CVE-2023-37559

Name of the Vulnerable Software and Affected Versions Codesys products (affected versions not specified)

Description The issue is related to insufficient input validation in the CmpAppForce component of Codesys products. After successful user authentication, an attacker can send crafted network communication requests with inconsistent content, causing the component to read from an invalid internal address. This can potentially lead to a denial-of-service condition. The vulnerability can be exploited by a remote attacker.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.