CVE-2015-6460
3S-Smart CODESYS Gateway Server < 2.3.9.34 - Remote Code Execution via Opcode 0x3ef or 0x3f0
Title source: llmDescription
Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-15-442/
Third Party Advisory, VDB Entry x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-15-441/
Third Party Advisory, US Government Resource x_refsource_confirm
https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02
Scores
EPSS
0.0621
EPSS Percentile
92.7%
Details
CWE
CWE-119
Status
published
Products (2)
3s-smart/codesys_gateway_server
< 2.3.9.34
CODESYS/3S-Smart CODESYS Gateway Server
V2 - 2.3.9.34
Published
Sep 18, 2015
Tracked Since
Feb 18, 2026