62 matches found

CNNVD
added 2026/01/27 12:0 a.m. | 5 views

Beckhoff Automation's various products have buffer error vulnerabilities

Beckhoff Automation’s Beckhoff.Device.Manager.XAR, among others, are products of the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. Beckhoff Automation’s MDP software package for TwinCAT/BSD is a core...

CVSS 5.3 | AI score 6 | EPSS 0.00309
Exploits: 0 | References: 2
CVE
added 2026/01/20 8:2 a.m. | 19 views

CVE-2025-41768

Summary: CVE-2025-41768 affects TwinCAT 3 HMI Server. An authenticated administrator can inject arbitrary content into the device’s custom CSS field, which is persisted and later echoed on login and error pages, constituting a stored XSS. The connected Red Hat, NVD, CVE list, and security feeds d...

CVSS 5.5 | AI score 5.8 | EPSS 0.00207
Exploits: 0 | References: 1
Cvelist
added 2026/01/20 8:2 a.m. | 21 views

CVE-2025-41768 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server

A high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation ('Cross-site Scripting')...

CVSS 5.5 | EPSS 0.00207
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2019-15211

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.01427
Exploits: 1 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-7910

Malware in sbrugna...

CVSS 9.1 | AI score 9.3 | EPSS 0.00508
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2017-7902

Malware in sbrugna...

CVSS 5.9 | AI score 5.9 | EPSS 0.00423
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-7378

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.05302
Exploits: 1 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 10 views

EUVD-2019-15212

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.01427
Exploits: 1 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-19231

Malware in sbrugna...

CVSS 7.8 | AI score 7.5 | EPSS 0.00557
Exploits: 1 | References: 5
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-58775

Malicious code in bioql PyPI...

CVSS 4.7 | AI score 5.2 | EPSS 0.00433
Exploits: 0 | References: 2
CVE
added 2025/09/09 8:57 a.m. | 12 views

CVE-2025-41701

Beckhoff TwinCAT 3 Engineering contains a vulnerability (CVE-2025-41701) where deserialization of untrusted data can be triggered by a manipulated project file, allowing an unauthenticated local attacker to execute arbitrary commands in the user’s context. The available connected sources confirm ...

CVSS 7.8 | AI score 6.6 | EPSS 0.00155
Exploits: 0 | References: 1
CNNVD
added 2025/09/09 12:0 a.m. | 2 views

Beckhoff TwinCAT code issue vulnerability

Beckhoff TwinCAT is a software system from Beckhoff Germany consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC (Programmable Logic Controller) programming, diagnostics and system configuration. ...

CVSS 7.8 | AI score 7.7 | EPSS 0.00155
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 5:49 p.m. | 6 views

CVE-2020-12494

Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the driver are not padded if their payload is less tha...

CVSS 5.3 | AI score 6.8 | EPSS 0.01014
Exploits: 0
Tenable Nessus
added 2024/11/15 12:0 a.m. | 4 views

Beckhoff TwinCAT Package Manager Installed (Windows)

Binary data beckhofftwincatpackagemanagerwininstalled.nbin...

AI score 7.3
Exploits: 0 | References: 1
Tenable Nessus
added 2024/11/15 12:0 a.m. | 10 views

Beckhoff TwinCAT Package Manager Security Advisory 2024-005

The version of Beckhoff TwinCAT Package Manager installed on the remote Windows host is prior to 1.0.603.0. It is, therefore, affected by a command injection vulnerability. For more information, consult the vendor advisory. Note that Nessus has not tested for these issues but has instead relied...

CVSS 6.5 | AI score 5.7 | EPSS 0.00187
Exploits: 0 | References: 2
CNNVD
added 2024/10/31 12:0 a.m. | 23 views

Beckhoff TwinCAT operating system command injection vulnerability

Beckhoff TwinCAT is a software system from Beckhoff, Germany, consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC (Programmable Logic Controller) programming, diagnostics and system configuration...

CVSS 6.5 | AI score 7.3 | EPSS 0.00187
Exploits: 0 | References: 1
Tenable Nessus
added 2024/09/12 12:0 a.m. | 20 views

Beckhoff TwinCAT/BSD Buffer Copy without Checking Size of Input (CVE-2024-41176)

The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service (DoS) condition on the daemon and execute code in the context of user root via a crafted HTTP request. This plugin only works with Tenable.ot. Please visit...

CVSS 7.3 | AI score 5.7 | EPSS 0.00265
Exploits: 0 | References: 2
Packet Storm
added 2024/08/31 12:0 a.m. | 266 views

Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS', 'Description' = %q The Beckhoff TwinCAT version 'Luigi Auriemma', Public exploit 'jfa', Metasploit...

CVSS 5 | AI score 7 | EPSS 0.50556
Exploits: 3
Vulnrichment
added 2024/08/27 8:1 a.m. | 22 views

CVE-2024-41175 Beckhoff: Local Denial-of-Service vulnerability in TwinCAT/BSD and the IPC-Diagnostics package

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker...

CVSS 5.5 | AI score 6.5 | EPSS 0.00157
Exploits: 0 | References: 2
CNNVD
added 2024/08/27 12:0 a.m. | 4 views

Beckhoff TwinCAT/BSD security vulnerability

Beckhoff TwinCAT/BSD is a new operating system from Beckhoff. A security vulnerability exists in Beckhoff TwinCAT/BSD, which stems from an MPD package that allows an authenticated, low-privileged local attacker to induce a denial of service state in the daemon via a carefully constructed HTTP...

CVSS 7.3 | AI score 6.8 | EPSS 0.00265
Exploits: 0 | References: 2