7.8
CVE-2024-41173
- EPSS 0.01%
- Veröffentlicht 27.08.2024 08:15:04
- Zuletzt bearbeitet 12.09.2024 14:52:20
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginThe IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication bypass by a low privileged attacker.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Beckhoff ≫ Ipc Diagnostics Package Version < 2.0.0.1
Beckhoff ≫ Twincat/bsd Version < 14.1.2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.007 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-288 Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.