Vulnerability Details CVE-2018-7502
Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securityfocus.com/bid/103487
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02
- https://srcincite.io/advisories/src-2018-0007/
- http://www.securityfocus.com/bid/103487
- https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02
- https://srcincite.io/advisories/src-2018-0007/