CVE-2022-43765: DoS in APROLs Tbase server
First published: Wed Feb 08 2023(Updated: )
B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| B&R Industrial Automation Aprol | <r4.2-07 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-43765?
CVE-2022-43765 has a severity rating that indicates a potential for Denial-of-Service due to improper handling of specially formatted data packages.
How do I fix CVE-2022-43765?
To mitigate CVE-2022-43765, upgrade B&R APROL to version R 4.2-07 or later to ensure proper processing of data.
What systems are affected by CVE-2022-43765?
CVE-2022-43765 affects B&R APROL versions earlier than R 4.2-07.
Can CVE-2022-43765 be exploited remotely?
Yes, CVE-2022-43765 can be exploited by network-based attackers sending specially crafted packets.
What type of attack does CVE-2022-43765 facilitate?
CVE-2022-43765 facilitates a Denial-of-Service attack, disrupting application availability.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/br-automation
- canonical/b&r industrial automation aprol