Arbitrary Command Execution Vulnerability in TwinCAT Package Manager by Beckhoff
CVE-2024-8934

Currently unrated

Key Information:

Vendor

Beckhoff

Status
TwinCAT Package Manager
Vendor
CVE Published:
31 October 2024

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-8934?

A local user with administrative access can exploit the TwinCAT Package Manager by entering specially crafted values in the user interface. This flawed input validation allows the execution of arbitrary operating system commands, potentially compromising the integrity and confidentiality of the system.

News Articles

favicon imageThe Cyber Express

CISA Warns Of CVE-2024-8934 And Critical ICS Vulnerabilities

CISA issues alert on CVE-2024-8934 and other critical vulnerabilities in Beckhoff, Delta, and Bosch systems, advising on updates and mitigations.

References

https://cert.vde.com/en/advisories/VDE-2024-064

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by The Cyber Express

  • Vulnerability published

.
CVE-2024-8934 : Arbitrary Command Execution Vulnerability in TwinCAT Package Manager by Beckhoff