Vulnerabilities > CVE-2019-5637 - Divide By Zero vulnerability in Beckhoff Twincat 3.1.4022.29/3.1.4022.30
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 2 |
Common Weakness Enumeration (CWE)
References
- https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/
- https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf