HIGH🇬🇧 English

CVE-2022-30792

CVSS 7.5v3.1pub. 2022-07-11upd. 2024-11-21

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Codesys Control For Beaglebone

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Empc A\/imx6

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Iot2000 Sl

    APP
    Codesys
    < 4.6.0.0
  • Codesys Control For Linux Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Pfc100 Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Pfc200 Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Plcnext

    APP
    Codesys
    < 4.6.0.0
  • Codesys Control For Raspberry Pi Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Wago Touch Panels 600

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control Rte Sl

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Rte Sl \(for Beckhoff Cx\)

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Runtime System Toolkit

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Win

    APP
    Codesys
    < 3.5.18.20
  • Codesys Development System

    APP
    Codesys
    < 3.5.18.20
  • Codesys Edge Gateway

    APP
    Codesys
    < 3.5.18.20< 4.5.0.0
  • Codesys Embedded Target Visu Toolkit

    APP
    Codesys
    < 3.5.18.20
  • Codesys Gateway

    APP
    Codesys
    < 3.5.18.20
  • Codesys Hmi

    APP
    Codesys
    < 3.5.18.20
  • Codesys Remote Target Visu Toolkit

    APP
    Codesys
    < 3.5.18.20
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-31802CRITICAL9.8ten sam produkt

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been...

CVE-2021-33485CRITICAL9.8ten sam produkt

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

CVE-2020-10245CRITICAL9.8ten sam produkt

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

CVE-2019-18858CRITICAL9.8ten sam produkt

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overf...

CVE-2019-13548CRITICAL9.8ten sam produkt

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or h...