Smart Software Solutions GmbH (3S) manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product. The Gateway Server listens on TCP port 1211.
3S CoDeSys Gateway Server 184.108.40.206 and earlier is vulnerable to stack buffer overflow. A remote attacker could exploit this vulnerability by sending a specially crafted packet to the Gateway Server on port 1211. Successful attack could result in complete control of the affected system.
Update to version 220.127.116.11.
This exploit was tested against CoDeSys 18.104.22.168 on Windows Server 2003 SP2 English with DEP OptOut.