Authentication Bypass Vulnerability in Beckhoff IPC Diagnostics
CVE-2015-4051

Currently unrated

Key Information:

Vendor: Beckhoff
Status: Ipc Diagnostics
Vendor: CVE Published:; 8 June 2015

What is CVE-2015-4051?

Beckhoff IPC Diagnostics versions prior to 1.8 exhibit an authentication bypass vulnerability that allows remote attackers to exploit functions within the /config directory. This oversight could lead to unauthorized actions such as creating arbitrary user accounts or executing denial-of-service attacks, including system reboot or shutdown, via crafted HTTP requests. The vulnerability poses significant risks to the integrity and availability of affected systems.

References

http://packetstormsecurity.com/files/132168/Beckhoff-IPC-...

x_refsource_MISC

http://ftp.beckhoff.com/download/document/IndustPC/Adviso...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/134071/Beckoff-CX902...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 8, 2015
Vulnerability Reserved
May 21, 2015