Beckhoff has an update to mitigate an untrusted pointer dereference in its TwinCAT product, according to a report with ICS-CERT.
Successful exploitation of this vulnerability, discovered by Steven Seeley of Source Incite, could allow local attackers to escalate privileges.
The vulnerability affects the following TwinCAT PLC products:
• TwinCAT 3.1 Build 4022.4 or prior
• TwinCAT 2.11 R3 2259 or prior
• TwinCAT 3.1 C++ / Matlab (TC1210/TC1220/TC1300/TC1320)
No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. However, an attacker with low skill level could leverage the vulnerability.
In the vulnerability, several kernel drivers lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges.
CVE-2018-7502 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.8.
The product sees use in the critical manufacturing, energy, and water and wastewater systems sectors. It also sees action on a global basis.
Beckhoff recommends users update to the newest version and recompile Matlab modules after updating.
Click here to see Beckhoff Security Advisory 2018-001.