Beckhoff TwinCAT/BSD Stack-Based Buffer Overflow (CVE-2024-41176)

Key Information Vulnerability Description Vulnerability ID: VDE-2024-050 Release Date: 2024-08-27 10:00 (CEST) Update Date: 2024-08-27 08:57 (CEST) Vendor: Beckhoff Automation GmbH & Co. KG Affected Products: - MDP package (< 1.2.7.0) - TwinCAT/BSD (< 14.1.2.0_153968) Vulnerability Details Vulnerability Type: Stack-based Buffer Overflow (CWE-121) Description: The MDP package, included in TwinCAT/BSD, allows an authenticated local attacker to trigger a denial-of-service (DoS) condition and execute code in the context of the user “root” via crafted HTTP requests. Impact Impact: A local attacker can trigger a denial-of-service or execute code in the context of the user “root” by sending crafted HTTP requests. Solution Mitigation: Avoid having user accounts with login privileges on the target system, except for administrator access. By default, TwinCAT/BSD is pre-configured with user accounts having lower privileges, but none of them have passwords, thus login access is denied. Avoid running third-party applications on the target system that have not been thoroughly audited, regardless of the user under which they are running. Remediation: Update affected products to the latest versions. Beckhoff recommends updating the entire TwinCAT/BSD operating system to the latest version, rather than individual packages. For information on updating existing TwinCAT/BSD installations, please refer to the provided link. You can also determine the operating system version via the command line. This can also be viewed through the Beckhoff Device Manager UI. Note: When upgrading from a major TwinCAT/BSD version 12, two consecutive upgrades are required. Reporter Reporter: CERT@VDE in coordination with Beckhoff Reporter: Andrea Palanca of Nozomi Networks Additional Information CVE ID: CVE-2024-41176 Severity: 6.5 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L) Last Updated: 2024-08-22, 9:35 a.m. Affected Versions: MDP package (< 1.2.7.0), TwinCAT/BSD (< 14.1.2.0_153968)

Goal Reached Thanks to every supporter — we hit 100%!

Beckhoff TwinCAT/BSD Stack-Based Buffer Overflow (CVE-2024-41176)