Known Vulnerabilities for products from Beckhoff
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Beckhoff".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Beckhoff can be found at device.report : Beckhoff
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-34594 | TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194... | 6.5 - MEDIUM | 2021-11-04 | 2021-11-06 |
| CVE-2020-20741 | Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B... | 9.8 - CRITICAL | 2021-07-23 | 2021-08-09 |
| CVE-2020-12526 | TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automa... | 5.3 - MEDIUM | 2021-05-13 | 2021-05-25 |
| CVE-2020-12510 | The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does... | 7.3 - HIGH | 2020-11-19 | 2020-12-03 |
| CVE-2020-12494 | Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements rea... | 5.3 - MEDIUM | 2020-06-16 | 2021-12-02 |
| CVE-2020-9464 | A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the de... | 7.5 - HIGH | 2020-03-12 | 2020-03-16 |
| CVE-2019-16871 | Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to... | 9.8 - CRITICAL | 2019-12-19 | 2021-07-21 |
| CVE-2019-5637 | When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sen... | 7.5 - HIGH | 2019-11-21 | 2020-02-04 |
| CVE-2019-5636 | When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT ... | 7.5 - HIGH | 2019-11-21 | 2020-02-04 |
| CVE-2018-7502 | Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-sup... | 7.8 - HIGH | 2018-03-23 | 2018-05-23 |
| CVE-2017-16726 | Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS ... | 9.1 - CRITICAL | 2018-06-27 | 2019-10-09 |
| CVE-2017-16718 | Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. Th... | 5.9 - MEDIUM | 2018-06-27 | 2019-10-09 |
| CVE-2015-4051 | Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers ... | 9 - HIGH | 2015-06-08 | 2016-12-31 |
| CVE-2014-5415 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote... | 9.1 - CRITICAL | 2016-10-05 | 2016-11-28 |
| CVE-2014-5414 | Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict th... | 9.1 - CRITICAL | 2016-10-05 | 2016-11-28 |
| CVE-2011-3486 | Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP po... | 5 - MEDIUM | 2011-09-16 | 2017-08-29 |
Known software with vulnerabilities from Beckhoff
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Beckhoff | Bk9000 | - |
| Operating System | Beckhoff | Bk9000 Firmware | - |
| Application | Beckhoff | Twincat | 2.0 |
| Operating System | Beckhoff | Twincat | 3.1.4022.29 |
| Hardware | Beckhoff | Twincat Cx2030 | - |
| Hardware | Beckhoff | Twincat Cx5140 | - |
| Application | Beckhoff | Twincat Extended Automation Runtime | 3.1 |