CODESYS Gateway Server Fixed

Wednesday, September 16, 2015 @ 11:09 AM gHale

3S-Smart Software Solutions GmbH created a new version to mitigate a heap-based buffer overflow vulnerability in its CODESYS Gateway Server, according to a report on ICS-CERT.

The report came to ICS-CERT from HP’s Zero Day Initiative (ZDI) concerning who received the notice about the remotely exploitable vulnerability from security researcher Josep Pi Rodriguez.

GE Mitigates MDS PulseNET Holes
Advantech Fixes Buffer Overflow
Yokogawa Mitigates Buffer Overflows
Advantech WebAccess Buffer Overflow

CODESYS Gateway Server, Version and prior versions suffer from the issue.

Successful exploitation of this vulnerability could cause a buffer overflow condition that may allow remote code execution.

3S-Smart Software Solutions GmbH’s headquarters is in Kempten, Germany, and has distributors in more than 10 countries worldwide.

The affected product, CODESYS Gateway Server, is a software-defined server. This product is primarily in products in the critical manufacturing and energy sectors. 3S-Smart Software Solutions GmbH estimates these products see use on a global basis.

There are multiple heap-based buffer overflow vulnerabilities that could allow remote code execution.

CVE-2015-6460 is the case number assigned to this vulnerability, which ZDI assigned a CVSS v2 base score of 7.5.

No known public exploits specifically target this vulnerability. An attacker with low skill would be able to exploit this vulnerability.

3S-Smart Software Solutions GmbH released a new version of CODESYS, Version, which addresses the heap-based buffer overflow vulnerability. Click here for the CODESYS, Version Users will need a valid user account.

For additional information about the new version of CODESYS or questions about the vulnerability, click here for the CODESYS Support Team’s contact information.