{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Embedded PC Images", "vendor": "Beckhoff", "versions": [{"lessThan": "October 22, 2014", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TwinCAT Components featuring Automation Device Specification (ADS) communication", "vendor": "Beckhoff", "versions": [{"status": "affected", "version": "All"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Gregor Bonney from FH Aachen University of Applied Sciences"}], "datePublic": "2016-10-04T06:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>\nBeckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service.\n\n</p>"}], "value": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-749", "description": "CWE-749", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-11-04T23:12:23.266Z"}, "references": [{"name": "93349", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93349"}, {"url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf"}, {"url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf"}, {"url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02"}, {"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-278-02.json"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Beckhoff recommends in their IPC Security Manual \n(<a target=\"_blank\" rel=\"nofollow\" href=\"https://download.beckhoff.com/download/Document/ipc/industrial-pc/ipc_security_en.pdf\">https://download.beckhoff.com/download/Document/ipc/industrial-pc/ipc_security_en.pdf</a>)\n to use network and software firewalls to block all network ports except\n the ones that are needed. Beckhoff also recommends that default \npasswords be changed during commissioning before connecting systems to \nthe network.</p>\n<p>In their advisories (Advisory 2014-001: Potential \nmisuse of several administrative services, \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf\">https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf</a>. Advisory 2014-002: ADS communication port allows password bruteforce, \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf\">https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf</a>. Advisory2014-003: Recommendation to change default passwords, \n<a target=\"_blank\" rel=\"nofollow\" href=\"https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf\">https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf</a>&nbsp;which were published November \n17, 2014) for these issues, Beckhoff also recommends the following \nmitigation solutions:</p>\n<ul>\n<li>Update images to build October 22, 2014, or newer, which solve these problems by disabling the services by default.</li>\n<li>Disable the Windows CE Remote Configuration Tool by deleting the \nsubtree \u201c/remoteadmin.\u201d The configuration of the web server paths can be\n found in the Windows registry at the path \n\u201cHKEY_LOCAL_MACHINE\\COMM\\HTTPD\\VROOTS\\.\u201d</li>\n<li>Disable startup of CE Remote Display service (cerdisp.exe) with \ndeleting the registry key containing the \u201cCeRDisp.exe\u201d \n[-HKEY_LOCAL_MACHINE\\init\\Launch90].</li>\n<li>Disable telnet by setting the registry key [HKEY_LOCAL_MACHINE\\Services\\TELNETD\\Flags] to dword: 4</li>\n<li>Restrict ADS communication to trusted networks only.</li>\n</ul>\n\n<br>"}], "value": "Beckhoff recommends in their IPC Security Manual \n( https://download.beckhoff.com/download/Document/ipc/industrial-pc/ipc_security_en.pdf )\n to use network and software firewalls to block all network ports except\n the ones that are needed. Beckhoff also recommends that default \npasswords be changed during commissioning before connecting systems to \nthe network.\n\n\nIn their advisories (Advisory 2014-001: Potential \nmisuse of several administrative services, \n https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf . Advisory 2014-002: ADS communication port allows password bruteforce, \n https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf . Advisory2014-003: Recommendation to change default passwords, \n https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf \u00a0which were published November \n17, 2014) for these issues, Beckhoff also recommends the following \nmitigation solutions:\n\n\n\n * Update images to build October 22, 2014, or newer, which solve these problems by disabling the services by default.\n\n * Disable the Windows CE Remote Configuration Tool by deleting the \nsubtree \u201c/remoteadmin.\u201d The configuration of the web server paths can be\n found in the Windows registry at the path \n\u201cHKEY_LOCAL_MACHINE\\COMM\\HTTPD\\VROOTS\\.\u201d\n\n * Disable startup of CE Remote Display service (cerdisp.exe) with \ndeleting the registry key containing the \u201cCeRDisp.exe\u201d \n[-HKEY_LOCAL_MACHINE\\init\\Launch90].\n\n * Disable telnet by setting the registry key [HKEY_LOCAL_MACHINE\\Services\\TELNETD\\Flags] to dword: 4\n\n * Restrict ADS communication to trusted networks only."}], "source": {"advisory": "ICSA-16-278-02", "discovery": "EXTERNAL"}, "title": "Beckhoff Embedded PC Images and TwinCAT Components Exposed Dangerous Method or Function", "x_generator": {"engine": "Vulnogram 0.5.0"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-5414", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "93349", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93349"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:41:49.234Z"}, "title": "CVE Program Container", "references": [{"name": "93349", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93349"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2014-5415", "datePublished": "2016-10-05T10:00:00", "dateReserved": "2014-08-22T00:00:00", "dateUpdated": "2025-11-04T23:12:23.266Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beckhoff:embedded_pc_images:-:*:*:*:*:*:*:*", "matchCriteriaId": "27BB7F09-2369-4C2A-9CDB-6469E59EF7E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:beckhoff:twincat:-:*:*:*:*:*:*:*", "matchCriteriaId": "0324B77D-8923-4C9B-8F06-535FBC758AF7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components might allow remote attackers to obtain access via the (1) Windows CE Remote Configuration Tool, (2) CE Remote Display service, or (3) TELNET service."}, {"lang": "es", "value": "Im\u00e1genes Beckhoff Embedded PC en versiones anteriores a 22-10-2014 y componentes Automation Device Specification (ADS) TwinCAT podr\u00edan permitir a atacantes remotos obtener acceso a trav\u00e9s de (1) Windows CE Remote Configuration Tool, (2) servicio CE Remote Display o (3) servicio TELNET."}], "id": "CVE-2014-5415", "lastModified": "2025-11-05T00:15:33.743", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 9.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "[email protected]", "type": "Primary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "[email protected]", "type": "Secondary"}]}, "published": "2016-10-05T10:59:01.280", "references": [{"source": "[email protected]", "url": "http://www.securityfocus.com/bid/93349"}, {"source": "[email protected]", "url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-001.pdf"}, {"source": "[email protected]", "url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-002.pdf"}, {"source": "[email protected]", "url": "https://download.beckhoff.com/download/document/product-security/Advisories/advisory-2014-003.pdf"}, {"source": "[email protected]", "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2016/icsa-16-278-02.json"}, {"source": "[email protected]", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-278-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/93349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-749"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-264"}], "source": "[email protected]", "type": "Secondary"}]}

{}