CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2015-4051 – Beckoff CX9020 CPU Model Remote Code Execution
https://notcve.org/view.php?id=CVE-2015-4051
05 Jun 2015 — Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi. Beckhoff IPC Diagnostics anterior a 1.8 no restringe correctamente el acceso a funciones en /config, lo que permite a atacantes remotos causar una denegación de ... • http://ftp.beckhoff.com/download/document/IndustPC/Advisory-2015-001.pdf • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 86%CPEs: 5EXPL: 2CVE-2011-3486 – Beckhoff TwinCAT 2.11.0.2004 - Denial of Service
https://notcve.org/view.php?id=CVE-2011-3486
16 Sep 2011 — Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. Beckhoff TwinCAT 2.11.0.2004 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio a través de una petición modificada al puerto UDP 48899, lo que provoca una lectura fuera de límites. Beckhoff TwinCAT versions 2.11.0.2004 and below can be brought down by sending a crafted UDP packet to port 48899 (TCATSy... • https://www.exploit-db.com/exploits/17835 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •