Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
CWE-416: USE AFTER FREE A specific function code receives a raw pointer supplied by the user and deallocates this pointer. The user can then control what memory regions will be freed and cause use-after-free condition. Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, and acquire complete remote control over the machine. Read: “Claroty, Auvesy Coordinate Disclosure on Versiondog Vulnerabilities”