Vulnerabilities > Beckhoff > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-27 CVE-2024-41175 Allocation of Resources Without Limits or Throttling vulnerability in Beckhoff IPC Diagnostics Package and TwinCAT/BSD
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker.
local
low complexity
beckhoff CWE-770
5.5
2023-12-14 CVE-2023-6545 Open Redirect vulnerability in Beckhoff authelia-bhf
The package authelia-bhf included in Beckhoff's TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site.
network
low complexity
beckhoff CWE-601
4.7
2021-05-13 CVE-2020-12526 Improper Input Validation vulnerability in Beckhoff products
TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co.
network
low complexity
beckhoff CWE-20
5.0
2020-11-19 CVE-2020-12510 Incorrect Default Permissions vulnerability in Beckhoff TwinCAT Extended Automation Runtime 3.1
The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT.
network
beckhoff CWE-276
6.0
2020-06-16 CVE-2020-12494 Incomplete Cleanup vulnerability in Beckhoff TwinCAT and TwinCAT Driver
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x provides EtherCAT functionality.
network
low complexity
beckhoff CWE-459
5.0
2019-11-21 CVE-2019-5637 Divide By Zero vulnerability in Beckhoff TwinCAT 3.1.4022.29/3.1.4022.30
When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller can be caused by sending a malformed UDP packet to the device.
network
low complexity
beckhoff CWE-369
5.0
2019-11-21 CVE-2019-5636 Improper Resource Shutdown or Release vulnerability in Beckhoff TwinCAT 2.0/3.1
When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down.
network
low complexity
beckhoff CWE-404
5.0
2018-06-27 CVE-2017-16726 Inadequate Encryption Strength vulnerability in Beckhoff TwinCAT
Beckhoff TwinCAT supports communication over ADS.
network
low complexity
beckhoff CWE-326
6.4
2018-06-27 CVE-2017-16718 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Beckhoff TwinCAT 3.0
Beckhoff TwinCAT 3 supports communication over ADS.
network
beckhoff CWE-327
4.3
2011-09-16 CVE-2011-3486 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Beckhoff TwinCAT
Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read.
network
low complexity
beckhoff CWE-119
5.0