ICS Beckhoff IPC diagnostics Multiple Authentication Bypass Vulnerabilities -1 (CVE-2015-4051)
Rule ID
1137708
Severity
High
Description
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi.
Impact
Remote command execution
Recommendation
Update vendor's patch.
IPS Category
ICS threats
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
References
Keywords
N/A
Date Created
2020/10/14
Last Updated
2024/06/03
This website uses cookies to ensure you get the best experience on our website.
Learn more