PT-2019-3493 · Beckhoff · Twincat 3.1+1

Andreas Galauner

Published

2019-10-07

Updated

2020-02-04

CVE-2019-5637

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions TwinCAT 2 versions prior to 2304 TwinCAT 3.1 versions prior to 4204.0

Description The issue is related to the Profinet driver in TwinCAT, which can cause a denial of service when a malformed UDP packet is sent to the device. This is also associated with division by zero errors. An attacker can exploit this issue by sending specially crafted DCP packets to cause a denial of service.

Recommendations For TwinCAT 2 versions prior to 2304, update to version 2304 or later to resolve the issue. For TwinCAT 3.1 versions prior to 4204.0, update to version 4204.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Profinet driver to minimize the risk of exploitation.

Exploit

Fix

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

BDU:2019-03668

CVE-2019-5637

Affected Products

Twincat 2

Twincat 3.1

PT-2019-3493 · Beckhoff · Twincat 3.1+1

CVE-2019-5637

Weakness Enumeration

Related Identifiers

Affected Products

References · 5