Description
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Beckhoff / IPC Diagnostics package0 – 2.0.0.1
- Beckhoff / TwinCAT/BSD0 – 14.1.2.0
References
- VENDOR_ADVISORYhttps://cert.vde.com/en/advisories/VDE-2024-045