CoDeSys Gateway Service < Use-After-Free

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote host is running a SCADA data gateway service that is
affected by a use-after-free vulnerability.

Description :

The remote host is running a version of CoDeSys Gateway Service prior
to version It is, therefore, affected by a use-after-free
vulnerability that can be triggered by sending specially crafted packets
to the CoDeSys Gateway service listening on port 1211. Successful
exploitation may allow arbitrary code execution or result in a denial of
service condition.

See also :

Solution :

Upgrade CoDeSys Gateway to version

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: SCADA

Nessus Plugin ID: 66805 ()

Bugtraq ID: 60088

CVE ID: CVE-2013-2781