Smart Software Solutions GmbH (3S) manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product. The Gateway Server listens on TCP port 1211.
3S CoDeSys Gateway Server 18.104.22.168 and earlier is vulnerable to stack buffer overflow. A remote attacker could exploit this vulnerability by sending a specially crafted packet to the Gateway Server on port 1211. Successful attack could result in complete control of the affected system.
Update to version 22.214.171.124.
This exploit was tested against CoDeSys 126.96.36.199 on Windows Server 2003 SP2 English with DEP OptOut.