Denial of Service Vulnerability in Beckhoff TwinCAT Software
CVE-2011-3486

Currently unrated

Key Information:

Vendor: Beckhoff
Status: Twincat
Vendor: CVE Published:; 16 September 2011

What is CVE-2011-3486?

The Beckhoff TwinCAT software versions 2.11.0.2004 and earlier are susceptible to a denial of service attack triggered by a specially crafted request sent to UDP port 48899. This flaw potentially allows remote attackers to cause an out-of-bounds read, leading to disruptions in the service. Organizations utilizing this software should take immediate steps to assess their exposure and implement appropriate mitigations.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/69765

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/8380

third-party-advisoryx_refsource_SREASON

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-2...

x_refsource_MISC

EPSS Score

61% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2011
Vulnerability Reserved
Sep 16, 2011