Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with Beckhoff TwinCAT and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause denial of service condition Impact Level: Application

Solution

Vendor has released a patch to fix the issue, please contact the vendor at 'patch@beckhoff.com' for patch information. For updates refer to http://www.beckhoff.de/twincat/

Insight

The flaw is caused by an error in the 'TCATSysSrv.exe' when performing an invalid read access, which can be exploited by remote attacker by sending malformed packet to port 48899/UDP.

Affected

Beckhoff TwinCAT Version 2.11 build 1553,Other versions may also be affected.

References

http://aluigi.altervista.org/adv/twincat_1-adv.txt
http://packetstormsecurity.org/files/view/105088
http://secunia.com/advisories/45981
http://www.exploit-db.com/exploits/17835
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-06.pdf

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0514
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firebird SQL 'op_connect_request' Denial Of Service Vulnerability (Win)
CUPS Denial of Service Vulnerability - Jun09
Ciscokits TFTP Server Long Filename Denial Of Service Vulnerability
Connect back to SOCKS5 server
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)

Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability

Take action and discover your vulnerabilities