{"containers": {"cna": {"affected": [{"product": "TwinCAT OPC UA Server", "vendor": "Beckhoff", "versions": [{"lessThanOrEqual": "2.3.0.12", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "IPC Diagnostics UA Server", "vendor": "Beckhoff", "versions": [{"lessThanOrEqual": "3.1.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "TF6100", "vendor": "Beckhoff", "versions": [{"lessThanOrEqual": "3.3.18", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Beckhoff Automation thanks Industrial Control Security Laboratory of QI-ANXIN Technology Group Inc. from China for reporting the issue and for support and efforts with the coordinated disclosure. Also Beckhoff Automation thanks CERT@VDE for coordination."}], "datePublic": "2021-04-27T00:00:00", "descriptions": [{"lang": "en", "value": "TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-13T13:45:24", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-051"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf"}], "solutions": [{"lang": "en", "value": "For devices running Windows but not Windows CE or TwinCAT/BSD please get a recent version of the OPC UA servers through the conventional ways and update your system.\nFor devices running Windows CE please request a recent image via Beckhoff\u2019s support and apply it to your device.\nFor the product CX8091 please use firmware version \"CX8091_CE600_LF_v356f_TC211R3_B2306_v2\" or later.\nPlease note that the updated OPC UA server leaves less RAM available to your application on the CX8091."}], "source": {"advisory": "VDE-2020-051", "defect": ["VDE-2020-051"], "discovery": "EXTERNAL"}, "title": "BECKHOFF: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server", "workarounds": [{"lang": "en", "value": "Consider disabling the IPC Diagnostics Server by stopping and disabling the corresponding Windows service or service. For example this can be achieved with the following PowerShell commands:\n\nStop-Service -Force -Name DevMgrSvr-UA\nSet-Service -Name DevMgrSvr-UA -StartupType Disabled\n\nAlternatively consider limiting access to the TCP port the OPC UA server is listening on. This can happen with a dedicated firewall appliance which sits in front of an affected device. Alternatively at the device the Windows firewall can be configured to limit access to the TCP port."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2021-04-27T10:00:00.000Z", "ID": "CVE-2020-12526", "STATE": "PUBLIC", "TITLE": "BECKHOFF: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TwinCAT OPC UA Server", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.3.0.12"}]}}, {"product_name": "IPC Diagnostics UA Server", "version": {"version_data": [{"version_affected": "<=", "version_value": "3.1.0.1"}]}}, {"product_name": "TF6100", "version": {"version_data": [{"version_affected": "<=", "version_value": "3.3.18"}]}}]}, "vendor_name": "Beckhoff"}]}}, "credit": [{"lang": "eng", "value": "Beckhoff Automation thanks Industrial Control Security Laboratory of QI-ANXIN Technology Group Inc. from China for reporting the issue and for support and efforts with the coordinated disclosure. Also Beckhoff Automation thanks CERT@VDE for coordination."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en-us/advisories/vde-2020-051", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2020-051"}, {"name": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf", "refsource": "CONFIRM", "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf"}]}, "solution": [{"lang": "en", "value": "For devices running Windows but not Windows CE or TwinCAT/BSD please get a recent version of the OPC UA servers through the conventional ways and update your system.\nFor devices running Windows CE please request a recent image via Beckhoff\u2019s support and apply it to your device.\nFor the product CX8091 please use firmware version \"CX8091_CE600_LF_v356f_TC211R3_B2306_v2\" or later.\nPlease note that the updated OPC UA server leaves less RAM available to your application on the CX8091."}], "source": {"advisory": "VDE-2020-051", "defect": ["VDE-2020-051"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Consider disabling the IPC Diagnostics Server by stopping and disabling the corresponding Windows service or service. For example this can be achieved with the following PowerShell commands:\n\nStop-Service -Force -Name DevMgrSvr-UA\nSet-Service -Name DevMgrSvr-UA -StartupType Disabled\n\nAlternatively consider limiting access to the TCP port the OPC UA server is listening on. This can happen with a dedicated firewall appliance which sits in front of an affected device. Alternatively at the device the Windows firewall can be configured to limit access to the TCP port."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:56:52.054Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-051"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2020-12526", "datePublished": "2021-05-13T13:45:24.098776Z", "dateReserved": "2020-04-30T00:00:00", "dateUpdated": "2024-09-16T18:29:21.532Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beckhoff:ipc_diagnostics_ua_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2F63E85-BE46-46AE-BED7-5D4963672BEE", "versionEndIncluding": "3.1.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:beckhoff:tf6100:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BE81331-ED73-4B59-BE98-E064A2C32B02", "versionEndIncluding": "3.3.18", "vulnerable": true}, {"criteria": "cpe:2.3:a:beckhoff:twincat_opc_ua_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFE1FF2F-5E28-4114-BCD5-B33B3898901E", "versionEndIncluding": "2.3.0.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics UA Server in versions up to 3.1.0.1 from Beckhoff Automation GmbH & Co. KG are vulnerable to denial of service attacks. The attacker needs to send several specifically crafted requests to the running OPC UA server. After some of these requests the OPC UA server is no longer responsive to any client. This is without effect to the real-time functionality of IPCs."}, {"lang": "es", "value": "TwinCAT OPC UA Server en versiones hasta 2.3.0.12 e IPC Diagnostics UA Server en versiones hasta 3.1.0.1 de Beckhoff Automation GmbH &amp; Co. KG son vulnerables a ataques de denegaci\u00f3n de servicio.&#xa0;El atacante necesita enviar varias peticiones dise\u00f1adas espec\u00edficamente al servidor OPC UA en ejecuci\u00f3n.&#xa0;Despu\u00e9s de algunas de estas peticiones, el servidor OPC UA ya no responde a ning\u00fan cliente.&#xa0;Esto no afecta a la funcionalidad en tiempo real de los IPC"}], "id": "CVE-2020-12526", "lastModified": "2024-11-21T04:59:52.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "info@cert.vde.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-13T14:15:17.457", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-051"}, {"source": "info@cert.vde.com", "tags": ["Vendor Advisory"], "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2021-001.pdf"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "info@cert.vde.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}