Vulnerability Description
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Beckhoff | Embedded Pc Images | - |
| Beckhoff | Twincat | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/93349
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://download.beckhoff.com/download/document/product-security/Advisories/advi
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-27
- https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02
- http://www.securityfocus.com/bid/93349
- https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2014-5415?
CVE-2014-5415 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Too...
How severe is CVE-2014-5415?
CVE-2014-5415 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-5415?
Check the references section above for vendor advisories and patch information. Affected products include: Beckhoff Embedded Pc Images, Beckhoff Twincat.