CODESYS EtherNetIP - Improper timeout handling

VDE-2026-040
Last update: 04/23/2026 14:00
Published at: 04/23/2026 14:00
Vendor(s): CODESYS GmbH
External ID: Advisory2026-04_VDE-2026-040

Summary

CODESYS EtherNet/IP is an add‑on for the CODESYS Development System that provides a fully integrated EtherNet/IP protocol stack along with diagnostic capabilities. A flaw in the EtherNet/IP adapter protocol stack library results in a vulnerability within the generated application code. When an EtherNet/IP adapter is configured, this vulnerable protocol stack is downloaded to and executed by CODESYS Control runtime systems.

Under certain non‑standard operating conditions, the EtherNet/IP adapter fails to perform timeout checks on active TCP connections. As a result, once all available TCP connections are in use, expired connections are not released and no new TCP connections can be established. Existing connections remain unaffected and continue to operate normally.

This issue affects only CODESYS projects that include an EtherNet/IP adapter configuration.
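
The failure mode described above, as an added illustration that is not CODESYS code: a fixed-size connection table in which skipping the idle-timeout check leaves expired slots occupied, so new connections are refused while the active one keeps working. The table size, the timeout value and all names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical sizes for illustration; not taken from the CODESYS stack. */
#define MAX_CONNS       4
#define IDLE_TIMEOUT_MS 30000u

typedef struct { bool in_use; uint32_t last_activity_ms; } conn_slot;
typedef struct {
    conn_slot slots[MAX_CONNS];
    bool      reap_enabled;   /* false models the skipped timeout check */
} conn_table;

/* Release every slot idle longer than the timeout; returns slots freed. */
int reap_expired(conn_table *t, uint32_t now_ms)
{
    int freed = 0;
    for (int i = 0; i < MAX_CONNS; i++) {
        conn_slot *s = &t->slots[i];
        /* Unsigned subtraction stays correct across tick-counter wraparound. */
        if (s->in_use && (uint32_t)(now_ms - s->last_activity_ms) > IDLE_TIMEOUT_MS) {
            s->in_use = false;
            freed++;
        }
    }
    return freed;
}

/* Accept a new connection; returns the slot index, or -1 if the table is full. */
int conn_accept(conn_table *t, uint32_t now_ms)
{
    if (t->reap_enabled)
        reap_expired(t, now_ms);   /* expired slots must be freed before refusing */
    for (int i = 0; i < MAX_CONNS; i++) {
        if (!t->slots[i].in_use) {
            t->slots[i] = (conn_slot){ true, now_ms };
            return i;
        }
    }
    return -1;
}

/* Constructed scenario: fill the table at t=0, keep slot 0 active, let the
   other slots idle past the timeout, then attempt one more connection. */
int simulate(bool reap_enabled)
{
    conn_table t = { .reap_enabled = reap_enabled };
    for (int i = 0; i < MAX_CONNS; i++)
        conn_accept(&t, 0);
    t.slots[0].last_activity_ms = IDLE_TIMEOUT_MS;  /* slot 0 saw traffic */
    return conn_accept(&t, IDLE_TIMEOUT_MS + 1u);   /* -1 means exhausted */
}
```

With the check skipped, `simulate(false)` returns -1 even though three of the four slots have expired; with it enabled, `simulate(true)` reuses slot 1 and leaves the active slot 0 untouched.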

Impact

Exploitation of this vulnerability may allow an unauthenticated remote attacker to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack running on a CODESYS Control runtime system, thereby preventing legitimate clients from establishing new connections.

Affected Product(s)

| Model no. | Product name | Affected versions |
| --- | --- | --- |
| | CODESYS EtherNetIP | vers:generic/<4.9.0.0 |

Vulnerabilities

Published: 04/23/2026 15:30
Weakness: Improper Check for Unusual or Exceptional Conditions (CWE-754)
Summary: An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections.

References

Remediation

Update the following products to version 4.9.0.0.
* CODESYS EtherNetIP

The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or downloaded from the CODESYS Store. Alternatively, and for all other products, further information on obtaining the software update is available in the CODESYS Update area: https://www.codesys.com/download/.

Acknowledgments

CODESYS GmbH thanks the following parties for their efforts:

Revision History

| Version | Date | Summary |
| --- | --- | --- |
| 1.0.0 | 04/23/2026 14:00 | Initial revision. |