Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Beckhoff: Privilege Escalation through TwinCat System
Vulnerability Description
The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for automatic execution upon log in of a user. If a less privileged user has a local account he or she can replace TcSysUI.exe. It will be executed automatically by another user during login. This is also true for users with administrative access. Consequently, a less privileged user can trick a higher privileged user into executing code he or she modified this way. By default Beckhoff’s IPCs are shipped with TwinCAT software installed this way and with just a single local user configured. Thus the vulnerability exists if further less privileged users have been added.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
Beckhoff TwinCAT 安全漏洞
Vulnerability Description
Beckhoff TwinCAT是德国Beckhoff公司的一款基于PC应用于工业控制的运动控制软件。该软件基于Windows系统的控制和自动化技术,可将任何一个基于PC 的系统转换为一个带多PLC、NC、CNC 和机器人实时操作系统的实时控制系统。 TwinCAT XAR V2.0.0及以上存在安全漏洞,该漏洞源于软件的默认安装路径都在C:TwinCAT之下。如果该目录不存在,则创建它和进一步的子目录,并具有允许每个本地用户修改内容的权限。默认安装注册tcsysi .exe用于在用户登录时自动执行。如果
CVSS Information
N/A
Vulnerability Type
N/A