Brute Force Authentication Vulnerability in Beckhoff Embedded PC and TwinCAT Components
CVE-2014-5414

9.1CRITICAL

Key Information:

Vendor: Beckhoff
Status: Embedded Pc Images; Twincat
Vendor: CVE Published:; 5 October 2016

What is CVE-2014-5414?

The vulnerability allows remote attackers to exploit weaknesses in the authentication mechanism of Beckhoff's Embedded PC images and TwinCAT components, which do not limit the number of authentication attempts. This oversight can lead to unauthorized access through brute-force attack techniques, enabling malicious actors to gain control over affected systems.

References

http://www.securityfocus.com/bid/93349

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02

x_refsource_MISC

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2016
Vulnerability Reserved
Aug 22, 2014