Vendor
Beckhoff
Products
3
CVEs
4
Across products
10
Status
Private
Products
3- 7 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-5414 | Cri | 0.60 | 9.1 | 0.06 | Oct 5, 2016 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | |
| CVE-2014-5415 | Cri | 0.59 | 9.1 | 0.04 | Oct 5, 2016 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service. | |
| CVE-2011-3486 | 0.08 | — | 0.60 | Sep 16, 2011 | Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. | ||
| CVE-2015-4051 | 0.00 | — | 0.02 | Jun 8, 2015 | Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi. |