Vulnerabilities > Beckhoff
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-27 | CVE-2024-41173 | Unspecified vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker. | 7.8 |
| 2024-08-27 | CVE-2024-41174 | Cross-site Scripting vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker. | 9.0 |
| 2024-08-27 | CVE-2024-41175 | Allocation of Resources Without Limits or Throttling vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker. | 5.5 |
| 2024-08-27 | CVE-2024-41176 | Unspecified vulnerability in Beckhoff MDP Package and Twincat/Bsd The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service (DoS) condition on the daemon and execute code in the context of user “root” via a crafted HTTP request. | 7.3 |
| 2023-12-14 | CVE-2023-6545 | Open Redirect vulnerability in Beckhoff Authelia-Bhf The package authelia-bhf included in Beckhoffs TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site. | 4.7 |
| 2021-11-04 | CVE-2021-34594 | Path Traversal vulnerability in Beckhoff Tf6100 Firmware and Ts6100 Firmware TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system. | 6.5 |
| 2021-07-23 | CVE-2020-20741 | Unspecified vulnerability in Beckhoff Cx9020 6.02 Incorrect Access Control in Beckhoff Automation GmbH & Co. | 9.8 |
| 2021-05-13 | CVE-2020-12526 | Improper Input Validation vulnerability in Beckhoff products TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. | 5.3 |
| 2020-11-19 | CVE-2020-12510 | Incorrect Default Permissions vulnerability in Beckhoff Twincat Extended Automation Runtime 3.1 The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. | 7.3 |
| 2020-06-16 | CVE-2020-12494 | Incomplete Cleanup vulnerability in Beckhoff Twincat and Twincat Driver Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. | 5.3 |