CVE-2021-36764

Name of the Vulnerable Software and Affected Versions CODESYS Gateway V3 versions prior to 3.5.17.10

Description The issue is related to a NULL Pointer Dereference in the affected CODESYS products. Crafted communication requests may cause a Null pointer dereference, resulting in a denial-of-service condition. An attacker, acting remotely, can exploit this issue by sending a specially crafted TCP packet.

Recommendations For CODESYS Gateway V3 versions prior to 3.5.17.10, update to version 3.5.17.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected CODESYS products to minimize the risk of exploitation.