Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Beckhoff: Information leak via Beckhoff Device Manager
Vulnerability Description
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
跨界内存读
Vulnerability Title
Beckhoff Automation多款产品 缓冲区错误漏洞
Vulnerability Description
Beckhoff Automation Beckhoff.Device.Manager.XAR等都是美国Beckhoff Automation公司的产品。Beckhoff Automation Beckhoff.Device.Manager.XAR是一个用于远程管理和控制器配置的核心组件。Beckhoff Automation MDP software package for TwinCAT/BSD是一个硬件诊断和系统管理的核心组件。Beckhoff Automation mdp-bhf software
CVSS Information
N/A
Vulnerability Type
N/A