Find a vulnerability
Search criteria
19 vulnerabilities by Beckhoff Automation
CVE-2025-41728 (GCVE-0-2025-41728)
Vulnerability from nvd – Published: 2026-01-27 11:37 – Updated: 2026-01-27 13:49- CWE-125 - Out-of-bounds Read
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41728",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T13:49:39.412692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T13:49:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:37:55.689Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Information leak via Beckhoff Device Manager",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41728",
"datePublished": "2026-01-27T11:37:55.689Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T13:49:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41727 (GCVE-0-2025-41727)
Vulnerability from nvd – Published: 2026-01-27 11:36 – Updated: 2026-01-27 13:53- CWE-420 - Unprotected Alternate Channel
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T13:52:11.980827Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T13:53:55.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.\u003cbr\u003e"
}
],
"value": "A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420 Unprotected Alternate Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:36:54.619Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Performing privileged operations and gaining administrator access",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41727",
"datePublished": "2026-01-27T11:36:54.619Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T13:53:55.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41726 (GCVE-0-2025-41726)
Vulnerability from nvd – Published: 2026-01-27 11:35 – Updated: 2026-01-27 14:08- CWE-190 - Integer Overflow or Wraparound
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T14:02:23.024430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T14:08:37.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:35:37.391Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Arbitrary code execution within privileged processes",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41726",
"datePublished": "2026-01-27T11:35:37.391Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T14:08:37.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41768 (GCVE-0-2025-41768)
Vulnerability from nvd – Published: 2026-01-20 08:02 – Updated: 2026-02-12 09:00- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | TwinCAT.HMI.Server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
|
| Beckhoff Automation | TF2000-HMI-Server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
|
| Beckhoff Automation | tf2000-hmi-server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T19:30:51.378202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T19:32:34.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TwinCAT.HMI.Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TF2000-HMI-Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "tf2000-hmi-server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Roby Firnando Yusuf from Jeonbuk National University"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027)."
}
],
"value": "An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T09:00:27.685Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-106"
}
],
"source": {
"advisory": "VDE-2025-106",
"defect": [
"CERT@VDE#641900"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41768",
"datePublished": "2026-01-20T08:02:53.356Z",
"dateReserved": "2025-04-16T11:18:45.761Z",
"dateUpdated": "2026-02-12T09:00:27.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-34594 (GCVE-0-2021-34594)
Vulnerability from nvd – Published: 2021-11-04 09:50 – Updated: 2024-09-16 22:03- CWE-23 - Relative Path Traversal
| URL | Tags |
|---|---|
| https://cert.vde.com/en/advisories/VDE-2021-051/ | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | TwinCAT OPC UA Server |
Affected:
TF6100 , < 4.3.48.0
(custom)
Affected: TS6100 , < 4.3.48.0 (custom) Affected: TcOpcUaServer version , < 3.2.0.19423 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:46.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TwinCAT OPC UA Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "4.3.48.0",
"status": "affected",
"version": "TF6100",
"versionType": "custom"
},
{
"lessThan": "4.3.48.0",
"status": "affected",
"version": "TS6100",
"versionType": "custom"
},
{
"lessThan": "3.2.0.19423",
"status": "affected",
"version": "TcOpcUaServer version",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Beckhoff Automation thanks Johannes Oleg\u00e5rd, Emre S\u00fcren, and Robert Lagerstr\u00f6m for reporting the issue and for support and efforts with the coordinated disclosure."
}
],
"datePublic": "2021-11-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T09:50:09.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
],
"solutions": [
{
"lang": "en",
"value": "Please update to a recent version of the affected product (TF6100 or TS6100 version \u003e= 4.3.48.0)"
}
],
"source": {
"advisory": "VDE-2021-051",
"discovery": "EXTERNAL"
},
"title": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2021-11-04T06:00:00.000Z",
"ID": "CVE-2021-34594",
"STATE": "PUBLIC",
"TITLE": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TwinCAT OPC UA Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "TF6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "\u003c",
"version_name": "TS6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "\u003c",
"version_name": "TcOpcUaServer version",
"version_value": "3.2.0.19423"
}
]
}
}
]
},
"vendor_name": "Beckhoff Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Beckhoff Automation thanks Johannes Oleg\u00e5rd, Emre S\u00fcren, and Robert Lagerstr\u00f6m for reporting the issue and for support and efforts with the coordinated disclosure."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23 Relative Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/en/advisories/VDE-2021-051/",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please update to a recent version of the affected product (TF6100 or TS6100 version \u003e= 4.3.48.0)"
}
],
"source": {
"advisory": "VDE-2021-051",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2021-34594",
"datePublished": "2021-11-04T09:50:09.275Z",
"dateReserved": "2021-06-10T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:03:44.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41728 (GCVE-0-2025-41728)
Vulnerability from cvelistv5 – Published: 2026-01-27 11:37 – Updated: 2026-01-27 13:49- CWE-125 - Out-of-bounds Read
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41728",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T13:49:39.412692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T13:49:51.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:37:55.689Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Information leak via Beckhoff Device Manager",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41728",
"datePublished": "2026-01-27T11:37:55.689Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T13:49:51.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41727 (GCVE-0-2025-41727)
Vulnerability from cvelistv5 – Published: 2026-01-27 11:36 – Updated: 2026-01-27 13:53- CWE-420 - Unprotected Alternate Channel
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T13:52:11.980827Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T13:53:55.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.\u003cbr\u003e"
}
],
"value": "A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-420",
"description": "CWE-420 Unprotected Alternate Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:36:54.619Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Performing privileged operations and gaining administrator access",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41727",
"datePublished": "2026-01-27T11:36:54.619Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T13:53:55.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41726 (GCVE-0-2025-41726)
Vulnerability from cvelistv5 – Published: 2026-01-27 11:35 – Updated: 2026-01-27 14:08- CWE-190 - Integer Overflow or Wraparound
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | Beckhoff.Device.Manager.XAR |
Affected:
0.0.0 , < 2.5.3
(semver)
|
|
| Beckhoff Automation | MDP software package for TwinCAT/BSD |
Affected:
0.0.0 , < 1.7.0.0
(semver)
|
|
| Beckhoff Automation | MDP for Beckhoff RT Linux(R) |
Affected:
0.0.0 , < 0.0.5
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T14:02:23.024430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T14:08:37.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Beckhoff.Device.Manager.XAR",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP software package for TwinCAT/BSD",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "1.7.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDP for Beckhoff RT Linux(R)",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "0.0.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Giubertoni from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T11:35:37.391Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-092"
}
],
"source": {
"advisory": "VDE-2025-092",
"defect": [
"CERT@VDE#641867"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: Arbitrary code execution within privileged processes",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41726",
"datePublished": "2026-01-27T11:35:37.391Z",
"dateReserved": "2025-04-16T11:17:48.318Z",
"dateUpdated": "2026-01-27T14:08:37.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41768 (GCVE-0-2025-41768)
Vulnerability from cvelistv5 – Published: 2026-01-20 08:02 – Updated: 2026-02-12 09:00- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | TwinCAT.HMI.Server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
|
| Beckhoff Automation | TF2000-HMI-Server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
|
| Beckhoff Automation | tf2000-hmi-server |
Affected:
0.0.0 , < 14.4.267
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T19:30:51.378202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T19:32:34.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "TwinCAT.HMI.Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TF2000-HMI-Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "tf2000-hmi-server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "14.4.267",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Roby Firnando Yusuf from Jeonbuk National University"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027)."
}
],
"value": "An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T09:00:27.685Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-106"
}
],
"source": {
"advisory": "VDE-2025-106",
"defect": [
"CERT@VDE#641900"
],
"discovery": "UNKNOWN"
},
"title": "Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41768",
"datePublished": "2026-01-20T08:02:53.356Z",
"dateReserved": "2025-04-16T11:18:45.761Z",
"dateUpdated": "2026-02-12T09:00:27.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-34594 (GCVE-0-2021-34594)
Vulnerability from cvelistv5 – Published: 2021-11-04 09:50 – Updated: 2024-09-16 22:03- CWE-23 - Relative Path Traversal
| URL | Tags |
|---|---|
| https://cert.vde.com/en/advisories/VDE-2021-051/ | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Beckhoff Automation | TwinCAT OPC UA Server |
Affected:
TF6100 , < 4.3.48.0
(custom)
Affected: TS6100 , < 4.3.48.0 (custom) Affected: TcOpcUaServer version , < 3.2.0.19423 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:46.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TwinCAT OPC UA Server",
"vendor": "Beckhoff Automation",
"versions": [
{
"lessThan": "4.3.48.0",
"status": "affected",
"version": "TF6100",
"versionType": "custom"
},
{
"lessThan": "4.3.48.0",
"status": "affected",
"version": "TS6100",
"versionType": "custom"
},
{
"lessThan": "3.2.0.19423",
"status": "affected",
"version": "TcOpcUaServer version",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Beckhoff Automation thanks Johannes Oleg\u00e5rd, Emre S\u00fcren, and Robert Lagerstr\u00f6m for reporting the issue and for support and efforts with the coordinated disclosure."
}
],
"datePublic": "2021-11-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T09:50:09.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
],
"solutions": [
{
"lang": "en",
"value": "Please update to a recent version of the affected product (TF6100 or TS6100 version \u003e= 4.3.48.0)"
}
],
"source": {
"advisory": "VDE-2021-051",
"discovery": "EXTERNAL"
},
"title": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2021-11-04T06:00:00.000Z",
"ID": "CVE-2021-34594",
"STATE": "PUBLIC",
"TITLE": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TwinCAT OPC UA Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "TF6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "\u003c",
"version_name": "TS6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "\u003c",
"version_name": "TcOpcUaServer version",
"version_value": "3.2.0.19423"
}
]
}
}
]
},
"vendor_name": "Beckhoff Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Beckhoff Automation thanks Johannes Oleg\u00e5rd, Emre S\u00fcren, and Robert Lagerstr\u00f6m for reporting the issue and for support and efforts with the coordinated disclosure."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23 Relative Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/en/advisories/VDE-2021-051/",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please update to a recent version of the affected product (TF6100 or TS6100 version \u003e= 4.3.48.0)"
}
],
"source": {
"advisory": "VDE-2021-051",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2021-34594",
"datePublished": "2021-11-04T09:50:09.275Z",
"dateReserved": "2021-06-10T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:03:44.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201610-0668
Vulnerability from variot - Updated: 2025-11-18 15:29Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service. Beckhoff Embedded PC Images is an industrial control system that is installed in the control cabinet and can be functionally configured. Automation Device Specification (ADS) TwinCAT Components is a PC real-time controller software product. Beckhoff Embedded PC images have a security vulnerability in versions prior to 2014-10-22 and in the Automation Device Specificatios TwinCAT component. Multiple Beckhoff Products are prone to multiple security-bypass vulnerabilities. Successfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "embedded pc images",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "embedded pc images",
"scope": "lt",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "2014-10-22 earlier"
},
{
"model": "embedded pc images",
"scope": "lt",
"trust": 0.6,
"vendor": "beckhoff",
"version": "2014-10-22"
},
{
"model": "automation device specification twincat components",
"scope": null,
"trust": 0.6,
"vendor": "beckhoff",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "embedded pc images",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": null
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "0"
},
{
"model": "embedded pc",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:beckhoff:embedded_pc_images",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marko Schuba from FH Aachen University of Applied Sciences.",
"sources": [
{
"db": "BID",
"id": "93349"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-5415",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-08764",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d722f71-463f-11e9-8b02-000c29342cb1",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-5415",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-5415",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-5415",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2014-5415",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2014-5415",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2016-08764",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-014",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service. Beckhoff Embedded PC Images is an industrial control system that is installed in the control cabinet and can be functionally configured. Automation Device Specification (ADS) TwinCAT Components is a PC real-time controller software product. Beckhoff Embedded PC images have a security vulnerability in versions prior to 2014-10-22 and in the Automation Device Specificatios TwinCAT component. Multiple Beckhoff Products are prone to multiple security-bypass vulnerabilities. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5415"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5415",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-16-278-02",
"trust": 3.3
},
{
"db": "BID",
"id": "93349",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2016-08764",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D722F71-463F-11E9-8B02-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "0E4C5094-4469-481E-B710-FF49B9BC9BF0",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"id": "VAR-201610-0668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
}
],
"trust": 1.7916666666666665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
}
]
},
"last_update_date": "2025-11-18T15:29:29.429000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory 2014-002: ADS communication port allows password bruteforce",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-002.pdf"
},
{
"title": "Advisory 2014-003: Recommendation to change default passwords",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-003.pdf"
},
{
"title": "Documentation about IPC Security",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/Document/ipc/industrial-pc/ipc_security_en.pdf"
},
{
"title": "Advisory 2014-001: Potential misuse of several administrative services",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-001.pdf"
},
{
"title": "Patch for Beckhoff Embedded PC Image and Automation Device Specification TwinCAT Component Security Bypass Vulnerability (CNVD-2016-08764)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/82316"
},
{
"title": "Beckhoff Embedded PC Image and Automation Device Specification TwinCAT Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64454"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
},
{
"problemtype": "CWE-749",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-278-02"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-001.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93349"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-003.pdf"
},
{
"trust": 1.0,
"url": "https://github.com/cisagov/csaf/blob/develop/csaf_files/ot/white/2016/icsa-16-278-02.json"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-002.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5415"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5415"
},
{
"trust": 0.3,
"url": "http://www.beckhoff.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "IVD",
"id": "7d722f71-463f-11e9-8b02-000c29342cb1"
},
{
"date": "2016-10-13T00:00:00",
"db": "IVD",
"id": "0e4c5094-4469-481e-b710-ff49b9bc9bf0"
},
{
"date": "2016-10-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93349"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"date": "2016-10-05T10:59:01.280000",
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08764"
},
{
"date": "2016-10-10T00:04:00",
"db": "BID",
"id": "93349"
},
{
"date": "2016-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-014"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008183"
},
{
"date": "2025-11-05T00:15:33.743000",
"db": "NVD",
"id": "CVE-2014-5415"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded PC Images And automation device specifications TwinCAT Vulnerabilities that can gain access to components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008183"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-014"
}
],
"trust": 0.6
}
}
VAR-201610-0667
Vulnerability from variot - Updated: 2025-11-18 15:29Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlRound robin by a third party (brute-force) Access may be gained through an attack. Beckhoff Embedded PC Images is an industrial control system that is installed in the control cabinet and can be functionally configured. A remote attacker can exploit the vulnerability to gain access by implementing a brute force attack. Multiple Beckhoff Products are prone to multiple security-bypass vulnerabilities. Successfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0667",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "embedded pc images",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "embedded pc images",
"scope": "lt",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "2014-10-22 earlier"
},
{
"model": "embedded pc images",
"scope": "lt",
"trust": 0.6,
"vendor": "beckhoff",
"version": "2014-10-22"
},
{
"model": "automation device specification twincat components",
"scope": null,
"trust": 0.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "0"
},
{
"model": "embedded pc",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "embedded pc images",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "twincat",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:beckhoff:embedded_pc_images",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marko Schuba from FH Aachen University of Applied Sciences.",
"sources": [
{
"db": "BID",
"id": "93349"
}
],
"trust": 0.3
},
"cve": "CVE-2014-5414",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-5414",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-08763",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-5414",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-5414",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-5414",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2014-5414",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2014-5414",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2016-08763",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-015",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlRound robin by a third party (brute-force) Access may be gained through an attack. Beckhoff Embedded PC Images is an industrial control system that is installed in the control cabinet and can be functionally configured. A remote attacker can exploit the vulnerability to gain access by implementing a brute force attack. Multiple Beckhoff Products are prone to multiple security-bypass vulnerabilities. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions. This may lead to other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-5414"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-5414",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-16-278-02",
"trust": 3.3
},
{
"db": "BID",
"id": "93349",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2016-08763",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182",
"trust": 0.8
},
{
"db": "IVD",
"id": "88E6BECC-FA01-4A7F-98AF-3AFE1A8C3618",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"id": "VAR-201610-0667",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
}
],
"trust": 1.5916666666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
}
]
},
"last_update_date": "2025-11-18T15:29:29.392000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory 2014-002: ADS communication port allows password bruteforce",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-002.pdf"
},
{
"title": "Advisory 2014-003: Recommendation to change default passwords",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-003.pdf"
},
{
"title": "Documentation about IPC Security",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/Document/ipc/industrial-pc/ipc_security_en.pdf"
},
{
"title": "Advisory 2014-001: Potential misuse of several administrative services",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/ipc/industrial-pc/advisory-2014-001.pdf"
},
{
"title": "Beckhoff Embedded PC Image and Automation Device Specification TwinCAT Component Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/82315"
},
{
"title": "Beckhoff Embedded PC Image and Automation Device Specification TwinCAT Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64455"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-307",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-278-02"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-001.pdf"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93349"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-003.pdf"
},
{
"trust": 1.0,
"url": "https://github.com/cisagov/csaf/blob/develop/csaf_files/ot/white/2016/icsa-16-278-02.json"
},
{
"trust": 1.0,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2014-002.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5414"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5414"
},
{
"trust": 0.3,
"url": "http://www.beckhoff.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"db": "BID",
"id": "93349"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "IVD",
"id": "88e6becc-fa01-4a7f-98af-3afe1a8c3618"
},
{
"date": "2016-10-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93349"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"date": "2016-10-05T10:59:00.187000",
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-08763"
},
{
"date": "2016-10-10T00:04:00",
"db": "BID",
"id": "93349"
},
{
"date": "2016-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-015"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-008182"
},
{
"date": "2025-11-05T00:15:32.700000",
"db": "NVD",
"id": "CVE-2014-5414"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded PC Images And automation device specifications TwinCAT Vulnerabilities that can gain access to components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-008182"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-015"
}
],
"trust": 0.6
}
}
VAR-201506-0271
Vulnerability from variot - Updated: 2025-04-13 23:34Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlService disruption through a crafted request by a third party ( Reboot or shutdown ) It can be unspecified, such as being in a state or creating an arbitrary user. Beckhoff IPC Diagnostics is a set of support software pre-installed in all Beckhoff IPC/PLC (Programmable Logic Controllers) running on the Microsoft Windows operating system. Beckhoff IPC diagnostics is prone to multiple authentication-bypass vulnerabilities. An attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipc diagnostics",
"scope": "lte",
"trust": 1.0,
"vendor": "beckhoff",
"version": "1.7"
},
{
"model": "ipc diagnostics",
"scope": "lt",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "1.8"
},
{
"model": "ipc diagnostics",
"scope": "lt",
"trust": 0.6,
"vendor": "beckhoff",
"version": "1.8"
},
{
"model": "ipc diagnostics",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": "1.7"
},
{
"model": "ipc diagnostics",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "0"
},
{
"model": "ipc diagnostics",
"scope": "ne",
"trust": 0.3,
"vendor": "beckhoff",
"version": "1.8.1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ipc diagnostics",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "BID",
"id": "75042"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:ipc_diagnostics",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Frank Lycops",
"sources": [
{
"db": "BID",
"id": "75042"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4051",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4051",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03767",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "8c82b264-2351-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4051",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-4051",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-03767",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-118",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2015-4051",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlService disruption through a crafted request by a third party ( Reboot or shutdown ) It can be unspecified, such as being in a state or creating an arbitrary user. Beckhoff IPC Diagnostics is a set of support software pre-installed in all Beckhoff IPC/PLC (Programmable Logic Controllers) running on the Microsoft Windows operating system. Beckhoff IPC diagnostics is prone to multiple authentication-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4051"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "BID",
"id": "75042"
},
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2015-4051"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4051",
"trust": 3.6
},
{
"db": "BID",
"id": "75042",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "134071",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "132168",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-03767",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962",
"trust": 0.8
},
{
"db": "IVD",
"id": "8C82B264-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2015-4051",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"db": "BID",
"id": "75042"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"id": "VAR-201506-0271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
}
]
},
"last_update_date": "2025-04-13T23:34:04.586000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory 2015-001: Potential misuse of IPC Diagnostics \u003c 1.8 backend",
"trust": 0.8,
"url": "http://ftp.beckhoff.com/download/document/IndustPC/Advisory-2015-001.pdf"
},
{
"title": "Beckhoff IPC Diagnostics patch for any user to create vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59525"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://seclists.org/fulldisclosure/2015/jun/10"
},
{
"trust": 2.0,
"url": "http://www.thesecurityfactory.be/permalink/beckhoff-authentication-bypass.html"
},
{
"trust": 2.0,
"url": "http://ftp.beckhoff.com/download/document/industpc/advisory-2015-001.pdf"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/75042"
},
{
"trust": 1.2,
"url": "http://packetstormsecurity.com/files/132168/beckhoff-ipc-diagnositcs-authentication-bypass.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/134071/beckoff-cx9020-cpu-model-remote-code-execution.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4051"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4051"
},
{
"trust": 0.3,
"url": "http://beckhoff.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/284.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"db": "BID",
"id": "75042"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"db": "BID",
"id": "75042"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "IVD",
"id": "8c82b264-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"date": "2015-06-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"date": "2015-06-05T00:00:00",
"db": "BID",
"id": "75042"
},
{
"date": "2015-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"date": "2015-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"date": "2015-06-08T14:59:12.790000",
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03767"
},
{
"date": "2016-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2015-4051"
},
{
"date": "2015-06-05T00:00:00",
"db": "BID",
"id": "75042"
},
{
"date": "2015-06-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002962"
},
{
"date": "2015-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-118"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4051"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-118"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff IPC Diagnostics Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002962"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "75042"
}
],
"trust": 0.3
}
}
VAR-201109-0179
Vulnerability from variot - Updated: 2025-04-11 23:05Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. Beckhoff TwinCAT is a PC-based software solution that provides complete CNC functionality. TwinCAT is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the application, denying service to legitimate users. TwinCAT 2.11 R2 Build 2032 is vulnerable. Other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.8"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.10"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.7"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.9"
},
{
"model": "twincat",
"scope": "lte",
"trust": 1.0,
"vendor": "beckhoff",
"version": "2.11.0.2004"
},
{
"model": "automation twincat r2 build",
"scope": "eq",
"trust": 0.9,
"vendor": "beckhoff",
"version": "2.112032"
},
{
"model": "twincat",
"scope": "lte",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "2.11.0.2004"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": "2.11.0.2004"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": "2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": "2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": "2.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": "2.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "twincat",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"db": "BID",
"id": "49599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "49599"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3486",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-3486",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "a550703a-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3486",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-3486",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201109-259",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. Beckhoff TwinCAT is a PC-based software solution that provides complete CNC functionality. TwinCAT is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the application, denying service to legitimate users. \nTwinCAT 2.11 R2 Build 2032 is vulnerable. Other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3486"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"db": "BID",
"id": "49599"
},
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3486",
"trust": 3.1
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-256-06",
"trust": 2.4
},
{
"db": "BID",
"id": "49599",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259",
"trust": 1.0
},
{
"db": "SREASON",
"id": "8380",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "75495",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-3654",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194",
"trust": 0.6
},
{
"db": "IVD",
"id": "69BC2D86-1F88-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "A550703A-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"db": "BID",
"id": "49599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"id": "VAR-201109-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
}
]
},
"last_update_date": "2025-04-11T23:05:48.523000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TwinCAT",
"trust": 0.8,
"url": "http://www.beckhoff.de/twincat/"
},
{
"title": "\u30d1\u30fc\u30c8\u30ca\u30fc\u60c5\u5831",
"trust": 0.8,
"url": "http://www.kmecs.com/products/maker_cgl.cgi?id=7"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.beckhoff.co.jp/jp/default.htm?beckhoff/contact.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://aluigi.altervista.org/adv/twincat_1-adv.txt"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-06.pdf"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-11-279-04.pdf"
},
{
"trust": 1.0,
"url": "http://osvdb.org/75495"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69765"
},
{
"trust": 1.0,
"url": "http://securityreason.com/securityalert/8380"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3486"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3486"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49599"
},
{
"trust": 0.3,
"url": "http://www.beckhoff.de/english.asp?twincat/default.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"db": "BID",
"id": "49599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"db": "BID",
"id": "49599"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"date": "2011-09-13T00:00:00",
"db": "BID",
"id": "49599"
},
{
"date": "2011-09-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"date": "2011-09-16T14:28:11.950000",
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3654"
},
{
"date": "2011-10-11T17:00:00",
"db": "BID",
"id": "49599"
},
{
"date": "2012-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002269"
},
{
"date": "2011-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-259"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3486"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TwinCAT \u0027TCATSysSrv.exe\u0027 Network Packet Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "49599"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-194"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "69bc2d86-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "a550703a-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-259"
}
],
"trust": 1.0
}
}
VAR-201911-0393
Vulnerability from variot - Updated: 2024-11-23 23:11When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior). Beckhoff TwinCAT Contains a vulnerability related to division by zero.Service operation interruption (DoS) There is a possibility of being put into a state. Beckhoff TwinCAT is a software system consisting of a real-time environment and a real-time system that executes control programs in the development environment of the German Beckhoff company. This system is mainly used for PLC (Programmable Logic Controller) programming, diagnostics, and system configuration.
There are security vulnerabilities in Beckhoff TwinCAT 2 Build 2304 and earlier and 3.1 Build 4024.0 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "3.1.4022.29"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "3.1.4022.30"
},
{
"model": "twincat",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "twincat build",
"scope": "lte",
"trust": 0.6,
"vendor": "beckhoff",
"version": "\u003c=22304"
},
{
"model": "twincat build",
"scope": "lte",
"trust": 0.6,
"vendor": "beckhoff",
"version": "\u003c=3.14024.0"
},
{
"model": "twincat cx5140",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": null
},
{
"model": "twincat cx2030",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
}
]
},
"cve": "CVE-2019-5637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-5637",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-02830",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-5637",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-012810",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-5637",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@rapid7.com",
"id": "CVE-2019-5637",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-5637",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-02830",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1270",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior). Beckhoff TwinCAT Contains a vulnerability related to division by zero.Service operation interruption (DoS) There is a possibility of being put into a state. Beckhoff TwinCAT is a software system consisting of a real-time environment and a real-time system that executes control programs in the development environment of the German Beckhoff company. This system is mainly used for PLC (Programmable Logic Controller) programming, diagnostics, and system configuration. \n\nThere are security vulnerabilities in Beckhoff TwinCAT 2 Build 2304 and earlier and 3.1 Build 4024.0 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-5637"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNVD",
"id": "CNVD-2020-02830"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-5637",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-02830",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"id": "VAR-201911-0393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
}
]
},
"last_update_date": "2024-11-23T23:11:38.238000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Beckhoff SecurityAdvisory 2019-07: Denial-of-Service on TwinCAT using Profinet protocol",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf"
},
{
"title": "Patch for Beckhoff TwinCAT Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/197593"
},
{
"title": "Beckhoff TwinCAT Fixes for digital error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=104684"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-369",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5637"
},
{
"trust": 1.6,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2019-007.pdf"
},
{
"trust": 1.6,
"url": "https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5637"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"date": "2019-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"date": "2019-11-21T20:15:15.990000",
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-02830"
},
{
"date": "2019-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012810"
},
{
"date": "2020-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1270"
},
{
"date": "2024-11-21T04:45:17.030000",
"db": "NVD",
"id": "CVE-2019-5637"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff TwinCAT Vulnerable to division by zero",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012810"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1270"
}
],
"trust": 0.6
}
}
VAR-201803-2203
Vulnerability from variot - Updated: 2024-11-23 22:52Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. Beckhoff TwinCAT Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Beckhoff TwinCAT system software \"remodels\" any compatible PC into a real-time controller with a multi-PLC system, NC axis control system, programming environment and operator station, replacing traditional PLC and NC/CNC controllers and operating equipment. There is an untrusted pointer reference vulnerability in TwinCAT. Beckhoff TwinCAT is prone to multiple local privilege-escalation vulnerabilities. Beckhoff TwinCAT 2 and 3.1 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-2203",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "twincat",
"scope": "eq",
"trust": 1.9,
"vendor": "beckhoff",
"version": "3.1"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.11"
},
{
"model": "twincat c\\+\\+",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "3.1"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "2.11 r3 2259"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "3.1"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "3.1 build 4022.4"
},
{
"model": "twincat build",
"scope": "lte",
"trust": 0.6,
"vendor": "beckhoff",
"version": "\u003c=3.14022.4"
},
{
"model": "twincat r3",
"scope": "lte",
"trust": 0.6,
"vendor": "beckhoff",
"version": "\u003c=2.112259"
},
{
"model": "twincat c ++/matlab",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": "3.1"
},
{
"model": "twincat build",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "3.14022.4"
},
{
"model": "twincat build",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "3.14022"
},
{
"model": "twincat r3",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "2.112259"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.3,
"vendor": "beckhoff",
"version": "2"
},
{
"model": "twincat build",
"scope": "ne",
"trust": 0.3,
"vendor": "beckhoff",
"version": "3.14022.14"
},
{
"model": "twincat r3",
"scope": "ne",
"trust": 0.3,
"vendor": "beckhoff",
"version": "2.112300"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "twincat",
"version": "2.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "twincat",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "twincat c",
"version": "3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "BID",
"id": "103487"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley of Source Incite",
"sources": [
{
"db": "BID",
"id": "103487"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
}
],
"trust": 0.9
},
"cve": "CVE-2018-7502",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7502",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-06288",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-7502",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7502",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7502",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-06288",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-837",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-7502",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. Beckhoff TwinCAT Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Beckhoff TwinCAT system software \\\"remodels\\\" any compatible PC into a real-time controller with a multi-PLC system, NC axis control system, programming environment and operator station, replacing traditional PLC and NC/CNC controllers and operating equipment. There is an untrusted pointer reference vulnerability in TwinCAT. Beckhoff TwinCAT is prone to multiple local privilege-escalation vulnerabilities. \nBeckhoff TwinCAT 2 and 3.1 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7502"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "BID",
"id": "103487"
},
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2018-7502"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7502",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-081-02",
"trust": 2.8
},
{
"db": "BID",
"id": "103487",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2018-06288",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "39182",
"trust": 0.6
},
{
"db": "IVD",
"id": "E2E9BA2E-39AB-11E9-A5B1-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2018-7502",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"db": "BID",
"id": "103487"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"id": "VAR-201803-2203",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
}
],
"trust": 1.675
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
}
]
},
"last_update_date": "2024-11-23T22:52:10.477000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory 2018-001: TwinCAT 2 and 3.1 Kernel Driver Privilege Escalation",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf"
},
{
"title": "Beckhoff TwinCAT patch for untrusted pointer reference vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/123311"
},
{
"title": "Beckhoff TwinCAT Kernal Fixes for driver permission and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79382"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
},
{
"problemtype": "CWE-822",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-081-02"
},
{
"trust": 2.6,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2018-001.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/103487"
},
{
"trust": 1.1,
"url": "https://srcincite.io/advisories/src-2018-0007/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7502"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7502"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/39182"
},
{
"trust": 0.3,
"url": "http://beckhoff.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"db": "BID",
"id": "103487"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"db": "BID",
"id": "103487"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-26T00:00:00",
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"date": "2018-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"date": "2018-03-22T00:00:00",
"db": "BID",
"id": "103487"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"date": "2018-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"date": "2018-03-23T17:29:00.213000",
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-06288"
},
{
"date": "2018-05-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7502"
},
{
"date": "2018-03-22T00:00:00",
"db": "BID",
"id": "103487"
},
{
"date": "2018-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003449"
},
{
"date": "2018-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-837"
},
{
"date": "2024-11-21T04:12:15.373000",
"db": "NVD",
"id": "CVE-2018-7502"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "103487"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff TwinCAT Untrusted Pointer Reference Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-06288"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "e2e9ba2e-39ab-11e9-a5b1-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-837"
}
],
"trust": 0.8
}
}
VAR-201912-1212
Vulnerability from variot - Updated: 2024-11-23 22:51Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. Beckhoff Embedded Windows PLCs and Beckhoff Twincat Contains an input validation vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Beckhoff TwinCAT is a set of programming software for programmable logic controllers (PLCs) from the German company Beckhoff.
There are security holes in Beckhoff TwinCAT 2/3. An attacker could use the Beckhoff ADS protocol to exploit this vulnerability to execute code with SYSTEM permissions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "3.1"
},
{
"model": "twincat",
"scope": "eq",
"trust": 1.6,
"vendor": "beckhoff",
"version": "2.0"
},
{
"model": "twincat",
"scope": "lt",
"trust": 1.0,
"vendor": "beckhoff",
"version": "3.1"
},
{
"model": "twincat",
"scope": "gte",
"trust": 1.0,
"vendor": "beckhoff",
"version": "3.0"
},
{
"model": "twincat",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": "2/3"
},
{
"model": "twincat",
"scope": "eq",
"trust": 0.6,
"vendor": "beckhoff",
"version": "3.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:beckhoff:twincat",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
}
]
},
"cve": "CVE-2019-16871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-16871",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-03120",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-16871",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-16871",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-16871",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-16871",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-03120",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-943",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. Beckhoff Embedded Windows PLCs and Beckhoff Twincat Contains an input validation vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Beckhoff TwinCAT is a set of programming software for programmable logic controllers (PLCs) from the German company Beckhoff. \n\nThere are security holes in Beckhoff TwinCAT 2/3. An attacker could use the Beckhoff ADS protocol to exploit this vulnerability to execute code with SYSTEM permissions",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-16871"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNVD",
"id": "CNVD-2020-03120"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-16871",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-03120",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"id": "VAR-201912-1212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
}
]
},
"last_update_date": "2024-11-23T22:51:32.556000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory 2017-001: ADS is only designed for use in protected environments",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2017-001.pdf"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-290",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2017-001.pdf"
},
{
"trust": 1.6,
"url": "https://www.ic4.be/2019/12/18/beckhoff-cve-2019-16871/#more-648"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16871"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16871"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"date": "2020-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"date": "2019-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"date": "2019-12-19T21:15:13.573000",
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-03120"
},
{
"date": "2020-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013949"
},
{
"date": "2020-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-943"
},
{
"date": "2024-11-21T04:31:14.783000",
"db": "NVD",
"id": "CVE-2019-16871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff Embedded Windows PLCs and Beckhoff Twincat Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013949"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-943"
}
],
"trust": 0.6
}
}
VAR-202003-1386
Vulnerability from variot - Updated: 2024-11-23 21:51A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting. The vulnerability stems from the improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. There is currently no detailed vulnerability details provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1386",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bk9000",
"scope": "eq",
"trust": 1.0,
"vendor": "beckhoff",
"version": "*"
},
{
"model": "bk9000",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "ethernet tcp/ip bus coupler bk9000",
"scope": null,
"trust": 0.6,
"vendor": "beckhoff",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:beckhoff:bk9000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
}
]
},
"cve": "CVE-2020-9464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-9464",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002837",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-21089",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-9464",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002837",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9464",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-002837",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-21089",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-774",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device\u0027s functionality can be restored by rebooting. The vulnerability stems from the improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. There is currently no detailed vulnerability details provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9464"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "CNVD",
"id": "CNVD-2020-21089"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9464",
"trust": 3.0
},
{
"db": "CERT@VDE",
"id": "VDE-2020-005",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-21089",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"id": "VAR-202003-1386",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
}
]
},
"last_update_date": "2024-11-23T21:51:36.922000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://beckhoff.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert.vde.com/en-us/advisories/vde-2020-005"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9464"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9464"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"date": "2020-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"date": "2020-03-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"date": "2020-03-12T14:15:21.863000",
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"date": "2020-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002837"
},
{
"date": "2020-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-774"
},
{
"date": "2024-11-21T05:40:41.890000",
"db": "NVD",
"id": "CVE-2020-9464"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BECKHOFF Ethernet TCP/IP Bus Coupler BK9000 resource management error vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21089"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-774"
}
],
"trust": 0.6
}
}
VAR-202107-0200
Vulnerability from variot - Updated: 2024-08-14 14:50Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect. KG CX9020 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cx9020",
"scope": "eq",
"trust": 1.0,
"vendor": "beckhoff",
"version": "6.02"
},
{
"model": "cx9020",
"scope": "eq",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": "_cb3011_wec7_hps_v602_tc31_b4016.6"
},
{
"model": "cx9020",
"scope": "eq",
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
},
{
"model": "cx9020",
"scope": null,
"trust": 0.8,
"vendor": "beckhoff automation",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"cve": "CVE-2020-20741",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-20741",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-20741",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-20741",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-20741",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2020-20741",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-1797",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2020-20741",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incorrect Access Control in Beckhoff Automation GmbH \u0026 Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the \"CE Remote Display Tool\" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect. KG CX9020 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-20741"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "VULMON",
"id": "CVE-2020-20741"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-20741",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-20741",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"id": "VAR-202107-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5
},
"last_update_date": "2024-08-14T14:50:14.083000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02019-06",
"trust": 0.8,
"url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-006.pdf"
},
{
"title": "Beckhoff Automation GmbH \u0026 Co. KG CX9020 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159166"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://download.beckhoff.com/download/document/product-security/advisories/advisory-2019-006.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-20741"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-23T00:00:00",
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"date": "2022-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"date": "2021-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"date": "2021-07-23T20:15:08.017000",
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-09T00:00:00",
"db": "VULMON",
"id": "CVE-2020-20741"
},
{
"date": "2022-08-16T02:21:00",
"db": "JVNDB",
"id": "JVNDB-2019-016595"
},
{
"date": "2021-08-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1797"
},
{
"date": "2021-08-09T17:43:48.367000",
"db": "NVD",
"id": "CVE-2020-20741"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Beckhoff\u00a0Automation\u00a0GmbH\u00a0\u0026\u00a0Co.\u00a0KG\u00a0CX9020\u00a0 Firmware vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016595"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1797"
}
],
"trust": 0.6
}
}