Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks

Beckhoff Automation has patched several vulnerabilities in its TwinCAT/BSD operating system for industrial PCs.

Cybersecurity firm Nozomi Networks has disclosed information on several vulnerabilities found by its researchers in Beckhoff Automation’s TwinCAT/BSD operating system for industrial PCs.

TwinCAT/BSD combines the TwinCAT runtime with the FreeBSD open source operating system. TwinCAT enables users to transform nearly any PC-based system into a real-time controller with multi-PLC system capabilities. 

According to Nozomi Networks, the Device Manager web-based management component shipped with the operating system, which enables the remote monitoring and configuration of Beckhoff devices, is impacted by four vulnerabilities.

Two of the flaws, tracked as CVE-2024-41173 and CVE-2024-41174, have been classified as ‘high severity’ and they can be exploited for authentication bypass and cross-site scripting attacks, respectively.

According to Nozomi, an attacker can exploit CVE-2024-41173 to tamper with the PLC logic. 

“An attacker with limited credentials could exploit one of the identified vulnerabilities to reset the PLC administrator’s password without needing the original one. This would allow them to connect to the PLC with administrative access via standard engineering tools and to reprogram the device as desired, potentially subverting the supervised industrial process,” the ICS cybersecurity firm explained.

The other two flaws, rated ‘medium severity’, enable local attackers to cause a PLC denial of service (DoS).

An attacker with limited credentials can make devices unresponsive — including remotely from the network — until a power reset is performed.

“This may be combined with other attacks against the device: for instance, a threat actor may perform the previously cited manipulation of the PLC programming to initiate the disruption of the industrial process, then enact this scenario to prevent access to the device, blocking any attempt to regain control,” Nozomi said.

Beckhoff has released patches and mitigations, and it has published advisories for each vulnerability.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
