Vulnerability Description
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Beckhoff | Embedded Pc Images | - |
| Beckhoff | Twincat | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/93349
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-27
- https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02
- http://www.securityfocus.com/bid/93349
- https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2014-5414?
CVE-2014-5414 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attac...
How severe is CVE-2014-5414?
CVE-2014-5414 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-5414?
Check the references section above for vendor advisories and patch information. Affected products include: Beckhoff Embedded Pc Images, Beckhoff Twincat.