The CODESYS Gateway does not correctly verify the ownership of a communication channel.
A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition.
3S-Smart Software Solutions GmbH
CODESYS V3 products in all versions prior to v188.8.131.52 that contain the CmpGateway.
3S-Smart Software Solutions GmbH has released v184.108.40.206 and v220.127.116.11 to address these vulnerabilities.