9.4
CVE-2014-5415
- EPSS 4.19%
- Veröffentlicht 05.10.2016 10:59:01
- Zuletzt bearbeitet 05.11.2025 00:15:33
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginBeckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Beckhoff ≫ Embedded Pc Images Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.19% | 0.882 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 9.4 | 10 | 9.2 |
AV:N/AC:L/Au:N/C:C/I:C/A:N
|
| ics-cert@hq.dhs.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-749 Exposed Dangerous Method or Function
The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.