CVE-2014-5415
9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Beckhoff | Embedded PC Images | 0 < October 22, 2014 | affected |
| Beckhoff | TwinCAT Components featuring Automation Device Specification (ADS) communication | All | affected |
Weaknesses
- CWE-749: CWE-749
ADP Enrichment
CVE Program Container
Additional References
References
- http://www.securityfocus.com/bid/93349
- https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf
- https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf
- https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf
- https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-278-02.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.