CVE-2024-41174

The IPC-Diagnostics package in TwinCAT/BSD is susceptible to improper input neutralization by a low-privileged local attacker.
References
Link Resource
https://cert.vde.com/en/advisories/VDE-2024-048 Mitigation Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:beckhoff:ipc_diagnostics_package:*:*:*:*:*:*:*:*
cpe:2.3:o:beckhoff:twincat\/bsd:*:*:*:*:*:*:*:*

History

12 Sep 2024, 14:33

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.3
v2 : unknown
v3 : 9.0
CPE cpe:2.3:o:beckhoff:twincat\/bsd:*:*:*:*:*:*:*:*
cpe:2.3:a:beckhoff:ipc_diagnostics_package:*:*:*:*:*:*:*:*
References () https://cert.vde.com/en/advisories/VDE-2024-048 - () https://cert.vde.com/en/advisories/VDE-2024-048 - Mitigation, Third Party Advisory
First Time Beckhoff ipc Diagnostics Package
Beckhoff
Beckhoff twincat\/bsd

27 Aug 2024, 13:01

Type Values Removed Values Added
Summary
  • (es) El paquete IPC-Diagnostics en TwinCAT/BSD es susceptible a una neutralización de entrada inadecuada por parte de un atacante local con pocos privilegios.

27 Aug 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-27 08:15

Updated : 2024-09-12 14:33


NVD link : CVE-2024-41174

Mitre link : CVE-2024-41174

CVE.ORG link : CVE-2024-41174


JSON object : View

Products Affected

beckhoff

  • ipc_diagnostics_package
  • twincat\/bsd
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')