3S-Smart Software Solutions GmbH CODESYS Web Server (ICSA-18-032-02) – Product Used in the Energy Sector
ICS-CERT has released an advisory on a 3S-Smart Software Solutions GmbH CODESYS Web Server vulnerability. All Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19, are affected. Successful exploitation of this vulnerability could cause the device the attacker is accessing to crash, resulting in a buffer overflow condition that may allow remote code execution.
