CVE-2019-16871

high-risk
Published 2019-12-19

Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol.

Do I need to act?

~
5.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (4)

Twincat
Twincat
Twincat
Twincat

Affected Vendors

Beckhoff

References (4)

Vendor Advisory https://download.beckhoff.com/download/document/product-security/Advisories/advi...
Exploit https://www.ic4.be/2019/12/18/beckhoff-cve-2019-16871/#more-648
Vendor Advisory https://download.beckhoff.com/download/document/product-security/Advisories/advi...
Exploit https://www.ic4.be/2019/12/18/beckhoff-cve-2019-16871/#more-648
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 9/34 · Low
Exposure 10/34 · Low