CVE-2021-34594
Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system.
TwinCAT OPC UA Server en TF6100 y TS6100 en versiones del producto anteriores a 4.3.48.0 o con versiones de TcOpcUaServer anteriores a 3.2.0.194, son propensos a un salto de ruta relativo que permite a administradores crear o eliminar cualquier archivo en el sistema
*Credits:
Beckhoff Automation thanks Johannes Olegård, Emre Süren, and Robert Lagerström for reporting the issue and for support and efforts with the coordinated disclosure.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-06-10 CVE Reserved
- 2021-11-04 CVE Published
- 2023-05-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-23: Relative Path Traversal
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://cert.vde.com/en/advisories/VDE-2021-051 | Mitigation |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Beckhoff Search vendor "Beckhoff" | Tf6100 Firmware Search vendor "Beckhoff" for product "Tf6100 Firmware" | < 4.3.48.0 Search vendor "Beckhoff" for product "Tf6100 Firmware" and version " < 4.3.48.0" | - |
Affected
| in | Beckhoff Search vendor "Beckhoff" | Tf6100 Search vendor "Beckhoff" for product "Tf6100" | - | - |
Safe
|
| Beckhoff Search vendor "Beckhoff" | Ts6100 Firmware Search vendor "Beckhoff" for product "Ts6100 Firmware" | < 4.3.48.0 Search vendor "Beckhoff" for product "Ts6100 Firmware" and version " < 4.3.48.0" | - |
Affected
| in | Beckhoff Search vendor "Beckhoff" | Ts6100 Search vendor "Beckhoff" for product "Ts6100" | - | - |
Safe
|