Main
Vulnerability Database
Exploits
ID:4749 - Exploit for Untrusted pointer dereference in TwinCAT - CVE-2018-7502
ID:4749 - Exploit for Untrusted pointer dereference in TwinCAT - CVE-2018-7502
Published: October 27, 2020
Vulnerability identifier: #VU11260
Vulnerability risk: Low
CVE-ID: CVE-2018-7502
CWE-ID: CWE-822
Exploitation vector: Local access
Vulnerable software:
TwinCAT
TwinCAT
Link to public exploit:
Vulnerability description
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to improper validation of user-supplied pointer values. A local attacker can execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists due to improper validation of user-supplied pointer values. A local attacker can execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Update TwinCAT 3.1 Build 4022 to version 4022.14, TwinCAT 2.11 R3 to version 2300 and recompile TwinCAT 3.1 C++/Matlab modules after update.