PT-2022-20943 · 3S Smart Software Solutions · Codesys Gateway Server

Published

2022-06-24

Updated

2022-07-01

CVE-2022-31803

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions CODESYS Gateway Server V2 (affected versions not specified)

Description The issue is related to an insufficient check for the activity of TCP client connections, allowing an unauthenticated attacker to consume all available TCP connections. This prevents legitimate users or clients from establishing new connections to the server. However, existing connections remain intact.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2022-31803

Affected Products

Codesys Gateway Server

PT-2022-20943 · 3S Smart Software Solutions · Codesys Gateway Server

CVE-2022-31803

Weakness Enumeration

Related Identifiers

Affected Products

References · 5