PT-2022-20944 · 3S Smart Software Solutions · Codesys Gateway Server V2

Published 2022-06-24 · Updated 2022-07-01 · CVE-2022-31804

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

CODESYS Gateway Server V2

Description

CODESYS Gateway Server V2 does not verify that the size of a request is within expected limits. This allows an unauthenticated attacker to allocate an arbitrary amount of memory, potentially crashing the Gateway through an out-of-memory condition.

Recommendations

Until a patch is available, consider implementing size verification for incoming requests to CODESYS Gateway Server V2 to prevent arbitrary memory allocation. As a temporary workaround, monitor system resources closely to detect and respond to potential out-of-memory conditions.
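
The size verification recommended above, as an added example (not CODESYS code and not part of this advisory): a request reader that checks the declared length against a cap before allocating. The frame layout (4-byte big-endian length, then the body), the 64 KiB cap, and the names `req_reader`, `req_feed`, `req_reset` and `MAX_BODY` are assumptions for illustration; the Gateway's actual protocol is not described on this page.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed frame layout (NOT the CODESYS wire format):
   4-byte big-endian body length, followed by the body. */
#define HDR_LEN  4u
#define MAX_BODY (64u * 1024u) /* assumed policy cap: largest legitimate request */

enum req_status { REQ_DONE = 1, REQ_MORE = 0, REQ_TOO_BIG = -1, REQ_NOMEM = -2 };

struct req_reader {
    uint8_t  hdr[HDR_LEN];
    size_t   hdr_got;   /* header bytes received so far */
    uint32_t body_len;  /* declared length, set once the header is complete */
    uint8_t *body;      /* allocated only after body_len passed the cap */
    size_t   body_got;  /* body bytes buffered so far */
};

/* Feed bytes as they arrive. Returns REQ_DONE when one full request is
   buffered, REQ_MORE when more input is needed, a negative value on rejection. */
enum req_status req_feed(struct req_reader *r, const uint8_t *in, size_t n) {
    while (n > 0 && r->hdr_got < HDR_LEN) {      /* collect the header first */
        r->hdr[r->hdr_got++] = *in++; n--;
    }
    if (r->hdr_got < HDR_LEN) return REQ_MORE;
    if (r->body == NULL) {
        r->body_len = ((uint32_t)r->hdr[0] << 24) | ((uint32_t)r->hdr[1] << 16) |
                      ((uint32_t)r->hdr[2] << 8)  |  (uint32_t)r->hdr[3];
        /* Reject an out-of-range length before any memory is reserved. */
        if (r->body_len > MAX_BODY) return REQ_TOO_BIG;
        r->body = malloc(r->body_len ? r->body_len : 1);
        if (r->body == NULL) return REQ_NOMEM;
    }
    size_t room = r->body_len - r->body_got;
    size_t take = n < room ? n : room;           /* never copy past the declared length */
    if (take) memcpy(r->body + r->body_got, in, take);
    r->body_got += take;
    return r->body_got == r->body_len ? REQ_DONE : REQ_MORE;
}

/* Release the buffer and return the reader to its initial (zeroed) state. */
void req_reset(struct req_reader *r) {
    free(r->body);
    memset(r, 0, sizeof *r);
}
```

A `REQ_TOO_BIG` result is also a useful event to log and count per peer, alongside the resource monitoring suggested above.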

Related Identifiers

CVE-2022-31804

Affected Products

Codesys Gateway Server V2