CVE-2022-31804

Summary

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.

Affected Software

VendorProductVersion RangeStatus
CODESYSCODESYS Gateway Server V2unspecified < V2.3.9.38affected

Weaknesses

  • CWE-789: CWE-789: Memory Allocation with Excessive Size Value

ADP Enrichment

CVE Program Container

Additional References

References