CVE-2022-29884

Name of the Vulnerable Software and Affected Versions CP-8000 MASTER MODULE WITH I/O -25/+70°C versions prior to CPC80 V16.30 CP-8000 MASTER MODULE WITH I/O -40/+70°C versions prior to CPC80 V16.30 CP-8021 MASTER MODULE versions prior to CPC80 V16.30 CP-8022 MASTER MODULE WITH GPRS versions prior to CPC80 V16.30

Description A vulnerability has been identified in certain devices when using the HTTPS server under specific conditions. Affected devices do not properly free resources, which could allow an unauthenticated remote attacker to put the device into a denial of service condition.

Recommendations For CP-8000 MASTER MODULE WITH I/O -25/+70°C versions prior to CPC80 V16.30, update to version CPC80 V16.30 or later. For CP-8000 MASTER MODULE WITH I/O -40/+70°C versions prior to CPC80 V16.30, update to version CPC80 V16.30 or later. For CP-8021 MASTER MODULE versions prior to CPC80 V16.30, update to version CPC80 V16.30 or later. For CP-8022 MASTER MODULE WITH GPRS versions prior to CPC80 V16.30, update to version CPC80 V16.30 or later. As a temporary workaround, consider restricting access to the HTTPS server until a patch is available.