3S CODESYS Runtime Toolkit < PLCWinNT DoS (credentialed check)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

A programmable logic controller (PLC) runtime on the remote host is
affected by a denial of service vulnerability.

Description :

The 3S CODESYS Runtime Toolkit installed on the remote Windows host is
affected by a denial of service vulnerability in the PLCWinNT Runtime
service (TCP port 1200) due to improper sanitization of user-supplied
input. An unauthenticated, remote attacker can exploit this to crash
the service, via a crafted request that triggers a NULL pointer

See also :


Solution :

Upgrade 3S CODESYS Runtime Toolkit to version or higher.

Risk factor :

High / CVSS Base Score : 7.8

Family: SCADA

Nessus Plugin ID: 86572 ()

Bugtraq ID:

CVE ID: CVE-2015-6482

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now