Snap7 · Snap7 · CVE-2020-22552
**Name of the Vulnerable Software and Affected Versions**
Snap7 version 1.4.1
**Description**
The issue occurs when an attacker sends a crafted packet using the COTP protocol with the last-data-unit flag set to No, and the S7 function writes a variable. This results in the Snap7 server crashing.
**Recommendations**
For Snap7 version 1.4.1, consider disabling the var function in S7 writes to prevent the server from crashing until a patch is available.