CVE-2022-34761

Name of the Vulnerable Software and Affected Versions X80 advanced RTU Communication Module versions 2.01 and later OPC UA Modicon Communication Module versions 1.10 and prior

Description A NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. The vulnerability is related to errors in handling JSON content. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

Recommendations For X80 advanced RTU Communication Module versions 2.01 and later, consider disabling JSON content type parsing until a patch is available. For OPC UA Modicon Communication Module versions 1.10 and prior, restrict access to the webserver to minimize the risk of exploitation. As a temporary workaround, consider avoiding the use of JSON content type in the affected modules until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.