CoDeSys Gateway Service < 220.127.116.11 Use-After-Free
Critical Nessus Plugin ID 66805
SynopsisThe remote host is running a SCADA data gateway service that is affected by a use-after-free vulnerability.
DescriptionThe remote host is running a version of CoDeSys Gateway Service prior to version 18.104.22.168. It is, therefore, affected by a use-after-free vulnerability that can be triggered by sending specially crafted packets to the CoDeSys Gateway service listening on port 1211. Successful exploitation may allow arbitrary code execution or result in a denial of service condition.
SolutionUpgrade CoDeSys Gateway to version 22.214.171.124