Intrusion Prevention

3S-Smart.CODESYS.Gateway.Server.Integer.Overflow

Description

This indicates an attack attempt against an Integer Overflow vulnerability in Smart Software Solutions CoDeSys.
The vulnerability is due to a lack of validation of a user-supplied length value. Successful attacks may allow attackers to execute arbitrary code within the context of the service.

Affected Products

Smart Software Solutions CoDeSys 3.4 SP4 patch 2 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patches.

CVE References

CVE-2011-5008