Coppia Technology · Snap7 Server · CVE-2017-1000230
**Name of the Vulnerable Software and Affected Versions**
Snap7 Server version 1.4.1
**Description**
The issue allows for a denial of service attack when the `ItemCount` field of the `ReadVar` or `WriteVar` functions in the S7 protocol implementation is provided with unexpected input, causing the Snap7 Server to crash.
**Recommendations**
For Snap7 Server version 1.4.1, as a temporary workaround, consider restricting access to the `ReadVar` and `WriteVar` functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.