Overview
- Description
- Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9.4
- Impact score
- 9.2
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:beckhoff:embedded_pc_images:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27BB7F09-2369-4C2A-9CDB-6469E59EF7E5"
},
{
"criteria": "cpe:2.3:a:beckhoff:twincat:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0324B77D-8923-4C9B-8F06-535FBC758AF7"
}
],
"operator": "OR"
}
]
}
]