TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.
http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01A.pdf
http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf