The MPD package included in TwinCAT/BSD allows an authenticated, low-privileged local attacker to induce a Denial-of-Service (DoS) condition on the daemon and execute code in the context of user “root” via a crafted HTTP request.
2024-08-27T08:15:05.317
2024-10-01T07:15:03.147
Modified
CVSSv3.1: 7.3 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | beckhoff | mdp_package | < 1.2.7.0 | Yes |
Operating System | beckhoff | twincat\/bsd | < 14.1.2.0 | Yes |