When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior).
References
Link | Resource |
---|---|
https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/ | Exploit Third Party Advisory |
https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2019-11-21 12:15
Updated : 2020-02-04 15:15
NVD link : CVE-2019-5637
Mitre link : CVE-2019-5637
JSON object : View
CWE
CWE-369
Divide By Zero
Products Affected
beckhoff
- twincat_cx2030
- twincat
- twincat_cx5140