PatchSiren cyber security CVE debrief

CVE-2022-30792 CODESYS CVE debrief

CVE-2022-30792 describes an availability issue in CmpChannelServer of CODESYS V3 where an unauthorized attacker can trigger uncontrolled resource consumption and block new communication channel connections. Existing connections are not affected, but the impact can still be significant in OT environments that depend on reliable channel creation.

Vendor: CODESYS
Product: FESTO
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-02-26
Original CVE updated: 2026-03-17
Advisory published: 2026-02-26
Advisory updated: 2026-03-17

Who should care

Operators and maintainers of Festo Automation Suite deployments that include CODESYS components, especially where automation engineering workstations or OT hosts accept network-based CODESYS communication. Security teams responsible for industrial control system patching and exposure reduction should prioritize affected installations.

Technical summary

The advisory describes uncontrolled resource consumption in CmpChannelServer of CODESYS V3. Because the issue is reachable without authentication, an attacker can exhaust the server’s ability to accept new communication channel connections. The result is a denial of service for new sessions rather than a full outage of existing connections. The source advisory ties affected product entries to Festo Automation Suite versions below 2.8.0.138 and bundled CODESYS Development System components, and recommends moving to patched CODESYS releases and current Festo Automation Suite updates.

Defensive priority

High. This is a network-reachable, unauthenticated availability impact in an industrial software component. Prioritize patching and exposure reduction on any system that creates or brokers CODESYS communication channels, especially production OT hosts.

Recommended defensive actions

  • Update affected installations to the latest patched CODESYS release from the official CODESYS website.
  • Apply Festo Automation Suite updates as released by Festo and follow the vendor installation and update instructions.
  • For deployments that no longer need bundled CODESYS, verify the suite version and separate CODESYS installation path introduced in Festo Automation Suite 2.8.0.138.
  • Monitor CODESYS and Festo security advisories regularly and apply updates promptly.
  • Review OT network exposure and limit access to the affected service to trusted management networks only, following established ICS defense-in-depth practices.
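The version check in the actions above can be run across an asset inventory. The following is an added example, not code from the advisory or from either vendor. The hostnames, sample versions and verdict labels are constructed assumptions; only the 2.8.0.138 boundary comes from this page. Versions are compared numerically because a plain string comparison would rank 2.8.0.99 above 2.8.0.138.

```python
import re

# Boundary from the advisory: suite builds below this version bundle CODESYS.
SUITE_UNBUNDLED_FROM = (2, 8, 0, 138)

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("eng-ws-01", "2.8.0.99"),
    ("eng-ws-02", "2.8.0.138"),
    ("ot-host-03", "2.10.1.7"),
    ("ot-host-04", "2.8.0"),
    ("ot-host-05", "unknown"),
]


def parse_version(text):
    """Return a 4-part integer tuple, or None if not a dotted numeric version."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,3}", text):
        return None
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # pad short versions with zeros


def triage(suite_version):
    """Classify one Festo Automation Suite install against the 2.8.0.138 boundary."""
    version = parse_version(suite_version)
    if version is None:
        return "UNKNOWN: verify the installed version manually"
    if version < SUITE_UNBUNDLED_FROM:
        return "AFFECTED: suite bundles CODESYS; update suite and CODESYS"
    # From 2.8.0.138 on, CODESYS is installed separately and needs its own check.
    return "CHECK-CODESYS: verify the separate CODESYS install is a patched release"


def triage_inventory(inventory):
    """Map each host to its triage verdict."""
    return {host: triage(version) for host, version in inventory}


if __name__ == "__main__":
    for host, verdict in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:12} {verdict}")
```

A CHECK-CODESYS verdict is not a clean bill of health: the separately installed CODESYS version still has to be compared against the patched release named by the vendor.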

Evidence notes

The source corpus indicates the advisory was published on 2026-02-26 and modified on 2026-03-17; those dates should be treated as the advisory timeline for this record. The advisory text states that uncontrolled resource consumption in CmpChannelServer of CODESYS V3 can block new communication channel connections while leaving existing connections unaffected. The remediation section specifically says that starting with Festo Automation Suite 2.8.0.138, CODESYS is no longer bundled and must be installed separately, and advises customers to obtain patched CODESYS directly from the official website. The source metadata also contains inconsistent vendor labeling, so vendor attribution should be treated as low confidence and reviewed.

Official resources

CISA republished the vendor advisory in its CSAF format on 2026-02-26 and updated the record on 2026-03-17. The source corpus includes mixed vendor metadata, so the public debrief should be read as a CODESYS-in-Festo Automation Suite issue,