Vulnerability Details CVE-2015-6460
Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.134
EPSS Ranking 93.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://zerodayinitiative.com/advisories/ZDI-15-441/
- http://zerodayinitiative.com/advisories/ZDI-15-442/
- https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02
- http://zerodayinitiative.com/advisories/ZDI-15-441/
- http://zerodayinitiative.com/advisories/ZDI-15-442/
- https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02
Products affected by CVE-2015-6460
-
cpe:2.3:a:3s-smart:codesys_gateway_server:*