Lucene search
K

1480 matches found

Cvelist
Cvelist
added 2023/12/14 2:9 p.m.21 views

CVE-2023-6545 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf

The package authelia-bhf included in Beckhoffs TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site. This may have limited impact to integrity and does solely affect anthelia-bhf the Beckhoff fork of authelia...

4.7CVSS5.1AI score0.00433EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.4 views

Beckhoff TwinCAT/BSD Input Validation Error Vulnerability

Beckhoff TwinCAT/BSD is a new operating system from Beckhoff Germany. An input validation error vulnerability exists in Beckhoff TwinCAT/BSD authelia-bhf package versions prior to 4.37.5, which originates from a vulnerability that could allow a remote, unprivileged attacker to redirect a user to...

4.7CVSS6.6AI score0.00433EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.5 views

PT-2023-7820 · Beckhoff · Authelia-Bhf +1

Name of the Vulnerable Software and Affected Versions: Beckhoff TwinCAT/BSD affected versions not specified Description: The package authelia-bhf included in Beckhoff's TwinCAT/BSD is prone to an open redirect, allowing a remote unprivileged attacker to redirect a user to another site. This may...

5CVSS4.7AI score0.00433EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.6 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.5 views

Multiple Codesys Products Buffer Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A buffer error vulnerability exists in several Codesys products, which stems from a specially crafted remote communication request that could cause the CmpAppBP component to overwrite...

6.5CVSS6.9AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.6 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/03 12:0 a.m.6 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5CVSS6.8AI score0.00519EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.5 views

The vulnerability of the network driver of the TwinCAT software for automation and control of technological processes from Beckhoff is related to the ability to disclose information, allowing a perpetrator to uncover protected information.

The vulnerability of the TwinCAT network driver, a software for automating and controlling technological processes in Beckhoff’s TwinCAT system, is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected...

5.3CVSS5.9AI score0.01014EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.25 views

Beckhoff TwinCAT OPC UA Server Path Traversal (CVE-2021-34594)

TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system. This plugin only works with Tenable.ot. Please visit...

8.5CVSS6.6AI score0.0109EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.17 views

Beckhoff (CVE-2020-12526) (deprecated)

Plugin deprecated because beckhoff software is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated...

5.3CVSS5.7AI score0.00955EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.21 views

Beckhoff TwinCAT ADS Communication Password Bruteforce (CVE-2014-5414)

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification ADS TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute- force attack. This plugin only works with Tenable.ot. Please vis...

9.4CVSS8.4AI score0.04801EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.21 views

Beckhoff TwinCAT Malformed UDP Packet Improper Resource Shutdown or Release (CVE-2019-5636)

When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT devices are still performing as normal. This issue affects TwinCAT 2 version 2304 and prior and TwinCAT 3.1 version 4204.0 and prior. This plugin only works with Tenable.ot...

7.5CVSS7.1AI score0.01427EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.15 views

Beckhoff BK9000 Denial of Service (CVE-2020-9464)

A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.8CVSS7.6AI score0.01349EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.28 views

Beckhoff (CVE-2015-4051) (deprecated)

Plugin deprecated because ipcdiagnostics is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated becaus...

0.3AI score0.05734EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.21 views

Beckhoff (CVE-2014-5415) (deprecated)

Plugin deprecated because twincat/embeddpcimages is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecate...

0.1AI score0.04339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.22 views

Beckhoff TwinCAT Installation Directory Incorrect Default Permissions (CVE-2020-12510)

The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for...

7.3CVSS7.5AI score0.00839EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.29 views

Beckhoff TwinCAT Read Access Violation (CVE-2011-3486)

Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5CVSS5.8AI score0.50556EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.12 views

Beckhoff TwinCAT RT Network Driver Incomplete Cleanup (CVE-2020-12494)

Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the driver are not padded if their payload is less tha...

5.3CVSS5.8AI score0.01014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.31 views

Beckhoff CX9020 Authentication Bypass (CVE-2020-20741)

Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020CB3011WEC7HPSv602TC31B4016.6 allows remote attackers to bypass authentication via the CE Remote Display Tool as it does not close the incoming connection on the Windows CE side if the credentials are...

9.8CVSS8.6AI score0.01561EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.18 views

Beckhoff TwinCAT Untrusted Pointer Dereference (CVE-2018-7502)

Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. This plugin only works wi...

7.8CVSS7.6AI score0.00557EPSS
Exploits1References5
Rows per page
Query Builder