CVE-2018-7502

Name of the Vulnerable Software and Affected Versions TwinCAT versions 2.11 R3 2259 through 3.1 Build 4022.4

Description The issue is related to insufficient validation of user-supplied input in kernel drivers, which could allow an attacker to exploit this and potentially gain SYSTEM privileges. This could lead to privilege escalation.

Recommendations For TwinCAT versions 2.11 R3 2259 through 3.1 Build 4022.4, consider restricting access to the kernel drivers until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.