CVE-2014-5415

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
icscertCNA
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
beckhoffembedded_pc_images
-
beckhofftwincat
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93349
https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf
https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf
https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-278-02.json
https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02
http://www.securityfocus.com/bid/93349
https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02