Smart Software Solutions GmbH (3S) manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product. The Gateway Server listens on TCP port 1211.
3S CoDeSys Gateway Server 220.127.116.11 and earlier is vulnerable to stack buffer overflow. A remote attacker could exploit this vulnerability by sending a specially crafted packet to the Gateway Server on port 1211. Successful attack could result in complete control of the affected system.
Update to version 18.104.22.168.
This exploit was tested against CoDeSys 22.214.171.124 on Windows Server 2003 SP2 English with DEP OptOut.