Description
An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections.
Published: 2026-04-23
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Denial of Service
Action: Check for patch
AI Analysis

Impact

An unauthenticated remote attacker can exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack by repeatedly opening connections, leaving legitimate clients unable to connect. The flaw is improper timeout handling in the adapter, classified as CWE-754 (Improper Check for Unusual or Exceptional Conditions): idle or half-open connections are not reliably timed out and reclaimed, so the connection pool stays full for as long as the attacker keeps it full, and new connections are refused for the duration of the exhaustion. Confidentiality and integrity are not affected; the impact is availability only.

Affected Systems

The affected product is CODESYS EtherNetIP (the EtherNet/IP adapter) from the vendor CODESYS. No version information is provided and the CPE entry carries a wildcard version, so every installation of the CODESYS EtherNet/IP adapter should be treated as potentially affected until the vendor publishes an affected version range.

Risk and Exploitability

The CVSS v4.0 score of 8.7 (High) comes from the vector AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N: the attack is network-reachable, of low complexity, needs no special preconditions, privileges or user interaction, and has a high availability impact on the vulnerable system with no confidentiality, integrity or subsequent-system impact. The EPSS score of less than 1% suggests a very low probability of exploitation at the time of analysis, the vulnerability is not listed in the CISA KEV catalog, and the SSVC decision point records no known exploitation, although it marks the attack as automatable with partial technical impact. The exploit requires nothing more than the ability to open repeated TCP connections to the targeted device.

Generated by OpenCVE AI on April 28, 2026 at 20:31 UTC.
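The exhaustion described in the Impact and Risk and Exploitability paragraphs above, as an added example that is not code from CODESYS or OpenCVE: a toy asyncio request/reply service with a fixed-size connection table, run once without an idle timeout (the CWE-754 pattern, where a silent peer holds its slot forever) and once with one. MAX_CONNS, the ListIdentity request string, the 0.2 s timeout and the localhost addressing are assumptions chosen for the demo, not values from the advisory.

```python
"""Connection-table exhaustion with and without an idle timeout.

Added example, not CODESYS code. The same server is run twice: with
idle_timeout=None a client that opens MAX_CONNS sockets and sends nothing
locks out legitimate clients indefinitely; with an idle timeout the slots
are reclaimed and service resumes once the timeout fires.
"""
import asyncio

MAX_CONNS = 4  # assumed size of the connection table (demo value)


async def serve(idle_timeout):
    """Start a request/reply server on 127.0.0.1 holding at most MAX_CONNS sessions.

    idle_timeout=None reproduces the vulnerable pattern (a silent peer is never
    dropped); a float in seconds makes an idle slot self-reclaiming."""
    active = set()

    async def handle(reader, writer):
        if len(active) >= MAX_CONNS:
            writer.close()  # table full: refuse, as the exhausted adapter does
            return
        active.add(writer)
        try:
            while True:
                if idle_timeout is None:
                    data = await reader.read(64)  # vulnerable: waits forever
                else:
                    data = await asyncio.wait_for(reader.read(64), idle_timeout)
                if not data:  # peer closed the connection
                    break
                writer.write(b"ACK:" + data)
                await writer.drain()
        except (asyncio.TimeoutError, OSError):
            pass  # idle or broken peer: fall through and reclaim the slot
        finally:
            active.discard(writer)
            writer.close()

    return await asyncio.start_server(handle, "127.0.0.1", 0)


async def legitimate_request(port):
    """One client request; True only if the server actually answered it."""
    try:
        reader, writer = await asyncio.open_connection("127.0.0.1", port)
    except OSError:
        return False
    try:
        writer.write(b"ListIdentity")  # assumed request string for the demo
        await writer.drain()
        reply = await asyncio.wait_for(reader.read(64), 1.0)
    except (asyncio.TimeoutError, OSError):
        reply = b""  # refused (EOF or reset) or never answered
    finally:
        writer.close()
    return reply == b"ACK:ListIdentity"


async def demo(idle_timeout):
    """Fill the table with silent connections, then probe before and after the
    idle timeout would have fired. Returns (answered_during, answered_after)."""
    server = await serve(idle_timeout)
    port = server.sockets[0].getsockname()[1]
    held = []
    for _ in range(MAX_CONNS):  # the attack: open sockets and send nothing
        held.append(await asyncio.open_connection("127.0.0.1", port))
    await asyncio.sleep(0.1)  # let the server register every attacker session
    during = await legitimate_request(port)
    await asyncio.sleep((idle_timeout or 0) + 0.3)
    after = await legitimate_request(port)
    for _, w in held:
        w.close()
    server.close()
    await asyncio.sleep(0.1)  # let the closes propagate before the loop shuts down
    return during, after


def run_demo(idle_timeout):
    """Synchronous entry point: (answered_during, answered_after)."""
    return asyncio.run(demo(idle_timeout))


if __name__ == "__main__":
    print("no idle timeout (vulnerable):", run_demo(None))  # (False, False)
    print("0.2 s idle timeout (hardened):", run_demo(0.2))  # (False, True)
```

The vulnerable run never recovers because nothing on the server side ever decides that a silent peer has overstayed; the hardened run is still briefly exhausted, which is why the advisory's mitigation also caps connections per source at the network edge rather than relying on the service alone.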

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the CODESYS vendor website or release notes for an update that addresses the timeout handling issue.
  • If an update is not yet available, restrict the number of concurrent TCP connections accepted by the EtherNet/IP adapter, for example with per-source connection limits on the adapter's TCP port (44818 by default for EtherNet/IP explicit messaging) at a firewall in front of the controller, or with service-level limits where the product exposes them, to blunt the connection exhaustion attack.
  • Monitor system logs for excessive connection attempts and block repeated source IP addresses when suspicious activity is detected.

Generated by OpenCVE AI on April 28, 2026 at 20:31 UTC.
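The monitoring step in the recommended actions above, as an added example that is not OpenCVE or CODESYS tooling: a sliding-window detector over firewall-style SYN log lines that flags any source opening more connections to the adapter's port than a threshold allows within a window, plus the iptables rule that would block an offender. The EIP_SYN log prefix, the sample lines, the thresholds and the host addresses are constructed assumptions for the demo; TCP/44818 is the standard EtherNet/IP explicit-messaging port.

```python
"""Sliding-window detector for TCP connection floods against an EtherNet/IP
adapter, fed from firewall-style SYN log lines.

Added example, not OpenCVE or CODESYS code. The log format is an assumed
iptables LOG line carrying the prefix "EIP_SYN"; the sample lines below are
constructed. Lines are assumed to arrive in time order."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

EIP_PORT = 44818  # EtherNet/IP explicit messaging (TCP)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ kernel: EIP_SYN .*?SRC=(?P<src>[\d.]+) .*?DPT=(?P<dport>\d+)"
)


def parse_line(line):
    """Return (timestamp, source ip, destination port), or None for other lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
    return ts, m["src"], int(m["dport"])


def flag_flooders(lines, window_s=10, threshold=5, dport=EIP_PORT):
    """Map each source that opened more than `threshold` connections to `dport`
    inside any `window_s`-second window to the peak count it reached."""
    recent = defaultdict(deque)  # src ip -> SYN timestamps still inside the window
    peak = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec[2] != dport:
            continue  # unrelated line or traffic to another service
        ts, src, _ = rec
        q = recent[src]
        q.append(ts)
        while ts - q[0] > timedelta(seconds=window_s):
            q.popleft()  # expire SYNs that fell out of the window
        if len(q) > threshold:
            peak[src] = max(peak.get(src, 0), len(q))
    return peak


def block_rule(src, dport=EIP_PORT):
    """iptables rule that drops further connection attempts from an offender."""
    return f"iptables -I INPUT -s {src} -p tcp --syn --dport {dport} -j DROP"


def _syn_line(ts, src, dport):
    """Build one constructed log line in the assumed format."""
    return (f"{ts.strftime('%Y-%m-%dT%H:%M:%SZ')} plc-fw kernel: EIP_SYN IN=eth0 "
            f"SRC={src} DST=10.0.0.10 PROTO=TCP SPT=51000 DPT={dport} SYN")


T0 = datetime(2026, 4, 28, 20, 31, 0, tzinfo=timezone.utc)
# Constructed sample: 10.0.0.50 opens 12 sessions in 6 s (the exhaustion pattern),
# an engineering workstation opens 2 far apart, and a probe to TCP/502 is ignored.
SAMPLE_LOG = sorted(
    [_syn_line(T0 + timedelta(seconds=i // 2), "10.0.0.50", EIP_PORT) for i in range(12)]
    + [_syn_line(T0 + timedelta(seconds=3), "10.0.0.20", EIP_PORT),
       _syn_line(T0 + timedelta(seconds=90), "10.0.0.20", EIP_PORT)]
    + [_syn_line(T0 + timedelta(seconds=4), "10.0.0.30", 502)]
)

if __name__ == "__main__":
    for src, count in flag_flooders(SAMPLE_LOG).items():
        print(f"{src}: {count} connections in window -> {block_rule(src)}")
```

Tune `threshold` to the number of concurrent EtherNet/IP sessions a legitimate scanner or SCADA poller on your network actually opens; the detector counts SYNs, so a client that reconnects after each request will look busier than one that holds a session open.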

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 22:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Codesys ethernetip
Vendors & Products   -                Codesys ethernetip

Thu, 23 Apr 2026 18:15:00 +0000

Type                 Values Removed   Values Added
Metrics              -                ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 15:00:00 +0000

Type                 Values Removed   Values Added
Description          -                An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections.
Title                -                Improper timeout handling in CODESYS EtherNetIP
First Time appeared  -                Codesys; Codesys ethernetip
Weaknesses           -                CWE-754
CPEs                 -                cpe:2.3:a:codesys:codesys_ethernetip:*:*:*:*:*:*:*:*
Vendors & Products   -                Codesys; Codesys ethernetip
References           -                -
Metrics              -                cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-04-23T15:35:43.352Z

Reserved: 2026-04-01T19:54:21.499Z

Link: CVE-2026-35225

Vulnrichment

Updated: 2026-04-23T15:35:39.991Z

NVD

Status : Awaiting Analysis

Published: 2026-04-23T15:37:23.377

Modified: 2026-04-24T14:50:56.203

Link: CVE-2026-35225

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T20:45:16Z

Weaknesses