CVE-2020-12526
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Beckhoff | TwinCAT OPC UA Server | unspecified <= 2.3.0.12 | affected |
| Beckhoff | IPC Diagnostics UA Server | unspecified <= 3.1.0.1 | affected |
| Beckhoff | TF6100 | unspecified <= 3.3.18 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
Workarounds
Consider disabling the IPC Diagnostics Server by stopping and disabling the corresponding Windows service or service. For example this can be achieved with the following PowerShell commands:
Stop-Service -Force -Name DevMgrSvr-UA Set-Service -Name DevMgrSvr-UA -StartupType Disabled
Alternatively consider limiting access to the TCP port the OPC UA server is listening on. This can happen with a dedicated firewall appliance which sits in front of an affected device. Alternatively at the device the Windows firewall can be configured to limit access to the TCP port.
ADP Enrichment
CVE Program Container
Additional References
- https://cert.vde.com/en-us/advisories/vde-2020-051
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf
References
- https://cert.vde.com/en-us/advisories/vde-2020-051
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.