CVE-2022-30792

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

Published: Jul 11, 2022
Updated: May 4, 2025
CVE: CVE-2022-30792
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
codesys / control_for_linux_sl	-	4.5.0.0
codesys / control_for_pfc100_sl	-	4.5.0.0
codesys / control_for_pfc200_sl	-	4.5.0.0
codesys / control_for_raspberry_pi_sl	-	4.5.0.0
codesys / edge_gateway	-	4.5.0.0
codesys / edge_gateway	-	3.5.18.20
codesys / remote_target_visu_toolkit	-	3.5.18.20
codesys / development_system	-	3.5.18.20
codesys / control_rte_sl_(for_beckhoff_cx)	-	3.5.18.20
codesys / embedded_target_visu_toolkit	-	3.5.18.20
codesys / gateway	-	3.5.18.20
codesys / control_runtime_system_toolkit	-	3.5.18.20
codesys / hmi	-	3.5.18.20
codesys / control_rte_sl	-	3.5.18.20
codesys / control_win	-	3.5.18.20
codesys / control_for_plcnext	-	4.6.0.0
codesys / control_for_iot2000_sl	-	4.6.0.0
codesys / control_for_wago_touch_panels_600	-	4.5.0.0
codesys / control_for_empc-a/imx6	-	4.5.0.0
codesys / control_for_beaglebone	-	4.5.0.0

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=

Vulnerability Database

289,784

CVE-2022-30792