CVE-2011-3486

Description

Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read.

Affected products

• Beckhoff / twincat2.11.0.2004
• Beckhoff / twincat2.7 – 2.7
• Beckhoff / twincat2.8 – 2.8
• Beckhoff / twincat2.9 – 2.9
• Beckhoff / twincat2.10 – 2.10

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/69765
• MISChttp://securityreason.com/securityalert/8380
• MISChttp://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-06.pdf
• MISChttp://osvdb.org/75495
• MISChttp://aluigi.altervista.org/adv/twincat_1-adv.txt