CVE-2022-30791

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CERTVDECNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
codesyscontrol_for_beaglebone
𝑥
< 4.5.0.0
codesyscontrol_for_empc-a\/imx6
𝑥
< 4.5.0.0
codesyscontrol_for_iot2000_sl
𝑥
< 4.6.0.0
codesyscontrol_for_linux_sl
𝑥
< 4.5.0.0
codesyscontrol_for_pfc100_sl
𝑥
< 4.5.0.0
codesyscontrol_for_pfc200_sl
𝑥
< 4.5.0.0
codesyscontrol_for_plcnext
𝑥
< 4.6.0.0
codesyscontrol_for_raspberry_pi_sl
𝑥
< 4.5.0.0
codesyscontrol_for_wago_touch_panels_600
𝑥
< 4.5.0.0
codesyscontrol_rte_sl
𝑥
< 3.5.18.20
codesyscontrol_rte_sl_\(for_beckhoff_cx\)
𝑥
< 3.5.18.20
codesyscontrol_runtime_system_toolkit
𝑥
< 3.5.18.20
codesyscontrol_win
𝑥
< 3.5.18.20
codesysdevelopment_system
𝑥
< 3.5.18.20
codesysedge_gateway
𝑥
< 3.5.18.20
codesysedge_gateway
𝑥
< 4.5.0.0
codesysembedded_target_visu_toolkit
𝑥
< 3.5.18.20
codesysgateway
𝑥
< 3.5.18.20
codesyshmi
𝑥
< 3.5.18.20
codesysremote_target_visu_toolkit
𝑥
< 3.5.18.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17128&token=bee4d8a57f19be289d623ec90135493b5f9179e3&download=