Vulnerabilities > CVE-2024-41176 - Unspecified vulnerability in Beckhoff MDP Package and Twincat/Bsd

CVSS 7.3 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

LOW

local

low complexity

beckhoff

NVD

Published: 2024-08-27

Updated: 2024-10-01

Summary

The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service (DoS) condition on the daemon and execute code in the context of user “root” via a crafted HTTP request.

Vulnerable Configurations

Part	Description	Count
OS	Beckhoff Beckhoff Twincat/Bsd -	1
Application	Beckhoff Beckhoff MDP Package -	1

References

https://cert.vde.com/en/advisories/VDE-2024-050