CoDeSys Gateway Service < 188.8.131.52 Use-After-Free
Critical Nessus Plugin ID 66805
SynopsisThe remote host is running a SCADA data gateway service that is affected by a use-after-free vulnerability.
DescriptionThe remote host is running a version of CoDeSys Gateway Service prior to version 184.108.40.206. It is, therefore, affected by a use-after-free vulnerability that can be triggered by sending specially crafted packets to the CoDeSys Gateway service listening on port 1211. Successful exploitation may allow arbitrary code execution or result in a denial of service condition.
SolutionUpgrade CoDeSys Gateway to version 220.127.116.11