HIGH🇵🇱 Wersja polska

CVE-2022-30792

CVSS 7.5v3.1pub. 2022-07-11upd. 2024-11-21

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Codesys Control For Beaglebone

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Empc A\/imx6

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Iot2000 Sl

    APP
    Codesys
    < 4.6.0.0
  • Codesys Control For Linux Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Pfc100 Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Pfc200 Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Plcnext

    APP
    Codesys
    < 4.6.0.0
  • Codesys Control For Raspberry Pi Sl

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control For Wago Touch Panels 600

    APP
    Codesys
    < 4.5.0.0
  • Codesys Control Rte Sl

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Rte Sl \(for Beckhoff Cx\)

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Runtime System Toolkit

    APP
    Codesys
    < 3.5.18.20
  • Codesys Control Win

    APP
    Codesys
    < 3.5.18.20
  • Codesys Development System

    APP
    Codesys
    < 3.5.18.20
  • Codesys Edge Gateway

    APP
    Codesys
    < 3.5.18.20< 4.5.0.0
  • Codesys Embedded Target Visu Toolkit

    APP
    Codesys
    < 3.5.18.20
  • Codesys Gateway

    APP
    Codesys
    < 3.5.18.20
  • Codesys Hmi

    APP
    Codesys
    < 3.5.18.20
  • Codesys Remote Target Visu Toolkit

    APP
    Codesys
    < 3.5.18.20
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-31802CRITICAL9.8ten sam produkt

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been...

CVE-2021-33485CRITICAL9.8ten sam produkt

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

CVE-2020-10245CRITICAL9.8ten sam produkt

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

CVE-2019-18858CRITICAL9.8ten sam produkt

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overf...

CVE-2019-13548CRITICAL9.8ten sam produkt

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or h...