3S CODESYS Runtime Toolkit < 2.4.7.48 PLCWinNT DoS (credentialed check)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

A programmable logic controller (PLC) runtime on the remote host is
affected by a denial of service vulnerability.

Description :

The 3S CODESYS Runtime Toolkit installed on the remote Windows host is
affected by a denial of service vulnerability in the PLCWinNT Runtime
service (TCP port 1200) due to improper sanitization of user-supplied
input. An unauthenticated, remote attacker can exploit this to crash
the service via a crafted request that triggers a NULL pointer
dereference.

See also :

http://www.tenable.com/security/research/tra-2015-03
https://ics-cert.us-cert.gov/advisories/ICSA-15-288-01

Solution :

Upgrade 3S CODESYS Runtime Toolkit to version 2.4.7.48 or higher.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: SCADA

Nessus Plugin ID: 86572

Bugtraq ID:

CVE ID: CVE-2015-6482
