CVE-2024-41173

Published: 2024-08-27 08:15:04
CWE: CWE-288
Source: CERTVDE
Reference: web.nvd.nist.gov
Tags: ipc-diagnostics, twincat/bsd, authentication bypass, low privileged attacker, vulnerability

CVSS3: 7.8

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 6.8
Confidence: Low

EPSS: 0
Percentile: 9.5%

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker.

Affected configurations

Nvd

Node
beckhoff ipc_diagnostics_package Range <2.0.0.1
OR
beckhoff twincat\/bsd Range <14.1.2.0

Vendor | Product | Version | CPE
beckhoff | ipc_diagnostics_package | * | cpe:2.3:a:beckhoff:ipc_diagnostics_package:*:*:*:*:*:*:*:*
beckhoff | twincat\/bsd | * | cpe:2.3:o:beckhoff:twincat\/bsd:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "IPC Diagnostics package",
    "vendor": "Beckhoff",
    "versions": [
      {
        "lessThan": "2.0.0.1",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TwinCAT/BSD",
    "vendor": "Beckhoff",
    "versions": [
      {
        "lessThan": "14.1.2.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]
