18 matches found
Beckhoff TwinCAT Untrusted Pointer Dereference (CVE-2018-7502)
Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. This plugin only works wi...
CVE-2017-14790
CVE-2018-7502 is described in connected documents as a vulnerability in Beckhoff TwinCAT where kernel drivers in TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker capable of code execution on the target could exploi...
CVE-2017-14776
CVE-2017-14776 is rejected/not used and does not represent an active vulnerability entry; reference CVE-2018-7502.
CVE-2017-14793
Beckhoff TwinCAT: CVE-2018-7502 (linked via duplicate of CVE-2017-14793) affects kernel drivers in TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1. Root cause is lack of proper validation of user-supplied pointer values in kernel drivers, enabling a code-executing attack to obtain...
CVE-2017-14782
CVE-2017-14782 is rejected/not used and does not represent an active vulnerability entry; use CVE-2018-7502.
CVE-2017-14779
CVE-2017-14779 is a reservation duplicate of CVE-2018-7502; connected records focus on CVE-2018-7502, which affects Beckhoff TwinCAT kernels: untrusted pointer dereference in TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1, allowing code execution with SYSTEM privileges if an atta...
CVE-2017-14777
This CVE entry is rejected/not used and does not represent an active vulnerability.
CVE-2017-14786
CVE-2017-14786 is rejected/not used; reference CVE-2018-7502 instead.
CVE-2017-14788
CVE-2018-7502 (Beckhoff TwinCAT) involves an untrusted pointer dereference in Beckhoff TwinCAT kernel drivers. The vulnerability affects TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1, where user-supplied pointer values are not properly validated. An attacker who can execute code...
CVE-2017-14794
CVE-2017-14794 is rejected; this candidate should reference CVE-2018-7502 and is not an active vulnerability entry.
CVE-2017-14784
This CVE entry is rejected/not used; reference CVE-2018-7502 instead.
CVE-2017-14781
CVE-2017-14781 is rejected/not used; reference CVE-2018-7502 instead.
CVE-2017-14789
CVE-2017-14789 is rejected/not used; reference CVE-2018-7502 instead.
CVE-2017-14785
CVE-2017-14785 is a reserved duplicate of CVE-2018-7502; per connected sources, CVE-2018-7502 describes Beckhoff TwinCAT kernel driver vulnerability with an untrusted pointer dereference in specific TwinCAT builds. Affected products include Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259,...
CVE-2017-14792
CVE-2017-14792 is a reservation duplicate of CVE-2018-7502. Connected documents contain concrete details for CVE-2018-7502: Běckhoff TwinCAT kernels (3.1 Build 4022.4, 2.11 R3 2259, 3.1) fail to validate user-supplied pointer values. The vulnerability can allow an attacker who can execute code on...
CVE-2017-14787
CVE-2017-14787 is a reservation duplicate and is rejected/not used; reference CVE-2018-7502.
CVE-2018-7502
Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges...
CVE-2018-7502
CVE-2018-7502 affects Beckhoff TwinCAT: 3.1 Build 4022.4, 2.11 R3 2259, and 3.1. Root cause is unvalidated user-supplied pointer values in kernel drivers, enabling a code-execution path with LOCAL access and LOW complexity that could yield SYSTEM privileges. Confirmed by multiple sources (NVD/Ten...