CVE-2014-5415
Beckhoff Embedded PC Images and TwinCAT Components Exposed Dangerous Method or Function
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
Beckhoff · Embedded PC ImagesBeckhoff · TwinCAT Components featuring Automation Device Specification (ADS) communicationWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdfhttps://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdfhttps://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdfhttps://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-278-02.jsonhttps://ics-cert.us-cert.gov/advisories/ICSA-16-278-02https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02http://www.securityfocus.com/bid/93349