62 matches found
Beckhoff Automation's various products have buffer error vulnerabilities
Beckhoff Automation’s Beckhoff.Device.Manager.XAR, among others, are products of the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. Beckhoff Automation’s MDP software package for TwinCAT/BSD is a core...
CVE-2025-41768
Summary: CVE-2025-41768 affects TwinCAT 3 HMI Server. An authenticated administrator can inject arbitrary content into the device’s custom CSS field, which is persisted and later echoed on login and error pages, constituting a stored XSS. The connected Red Hat, NVD, CVE list, and security feeds d...
CVE-2025-41768 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server
An high privileged remote attacker can inject arbitrary content into the custom CSS field on the affected devices due to improper neutralization of input during web page generation 'Cross-site Scripting'...
EUVD-2019-15211
Malware in sbrugna...
EUVD-2017-7910
Malware in sbrugna...
EUVD-2017-7902
Malware in sbrugna...
EUVD-2019-7378
Malware in sbrugna...
EUVD-2019-15212
Malware in sbrugna...
EUVD-2018-19231
Malware in sbrugna...
EUVD-2023-58775
Malicious code in bioql PyPI...
CVE-2025-41701
Beckhoff TwinCAT 3 Engineering contains a vulnerability (CVE-2025-41701) where deserialization of untrusted data can be triggered by a manipulated project file, allowing an unauthenticated local attacker to execute arbitrary commands in the user’s context. The available connected sources confirm ...
Beckhoff TwinCAT 代码问题漏洞
Beckhoff TwinCAT is a software system from Beckhoff Germany consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC Programmable Logic Controller programming, diagnostics and system configuration. ...
CVE-2020-12494
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the driver are not padded if their payload is less tha...
Beckhoff TwinCAT Package Manager Installed (Windows)
Binary data beckhofftwincatpackagemanagerwininstalled.nbin...
Beckhoff TwinCAT Package Manager Security Advisory 2024-005
The version of Beckhoff TwinCAT Package Manager installed on the remote Windows host is prior to 1.0.603.0. It is, therefore, affected by a command injection vulnerability. For more information, consult the vendor advisory. Note that Nessus has not tested for these issues but has instead relied...
Beckhoff TwinCAT 操作系统命令注入漏洞
Beckhoff TwinCAT is a software system from Beckhoff, Germany, consisting of a real-time environment and a real-time system for executing control programs in a development environment. The system is mainly used for PLC Programmable Logic Controller programming, diagnostics and system configuration...
Beckhoff TwinCAT/BSD Buffer Copy without Checking Size of Input (CVE-2024-41176)
The MPD package included in TwinCAT/BSD allows an authenticated, low- privileged local attacker to induce a Denial-of-Service DoS condition on the daemon and execute code in the context of user root via a crafted HTTP request. This plugin only works with Tenable.ot. Please visit...
Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS', 'Description' = %q The Beckhoff TwinCAT version 'Luigi Auriemma', Public exploit 'jfa', Metasploit...
CVE-2024-41175 Beckhoff: Local Denial-of-Service vulnerability in TwinCAT/BSD and the IPC-Diagnostics package
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker...
Beckhoff TwinCAT/BSD 安全漏洞
Beckhoff TwinCAT/BSD is a new operating system from Beckhoff. A security vulnerability exists in Beckhoff TwinCAT/BSD, which stems from an MPD package that allows an authenticated, low-privileged local attacker to induce a denial of service state in the daemon via a carefully constructed HTTP...