CVE-2024-41175

5.5 MEDIUM

📋 TL;DR

CVE-2024-41175 is a local denial-of-service vulnerability in the IPC-Diagnostics package of TwinCAT/BSD that allows low-privileged local users to crash the system. This affects industrial control systems running vulnerable versions of TwinCAT/BSD. Attackers with local access can disrupt operations by causing system instability.

💻 Affected Systems

Products:
  • TwinCAT/BSD
Versions: All versions before 1.2.0
Operating Systems: TwinCAT/BSD (Beckhoff's BSD-based OS)
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with IPC-Diagnostics package installed and running.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system crash requiring physical reboot, disrupting industrial processes and causing production downtime.

🟠 Likely Case

Service disruption affecting specific TwinCAT/BSD functions, potentially impacting connected industrial equipment.

🟢 If Mitigated

Limited impact if proper access controls prevent unauthorized local users from executing the attack.

🌐 Internet-Facing: LOW - This is a local-only vulnerability requiring local system access.
🏢 Internal Only: MEDIUM - Insider threats or compromised local accounts could exploit this to disrupt operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access with low privileges. No authentication bypass needed beyond local user access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TwinCAT/BSD 1.2.0

Vendor Advisory: https://infosys.beckhoff.com/content/1033/twincat_bsd/11780818443.html?id=4222392218353411614

Restart Required: Yes

Instructions:

1. Download TwinCAT/BSD 1.2.0 from the Beckhoff support portal.
2. Back up the system configuration.
3. Install the update following the Beckhoff documentation.
4. Reboot the system to apply the changes.

🔧 Temporary Workarounds

Remove IPC-Diagnostics package

Uninstall the vulnerable IPC-Diagnostics package if not required for operations

pkg delete ipc-diagnostics

Restrict local user access

Implement strict access controls to limit local user accounts on affected systems

🧯 If You Can't Patch

  • Implement strict physical and logical access controls to prevent unauthorized local access
  • Monitor system logs for abnormal IPC-Diagnostics activity and implement compensating controls

🔍 How to Verify

Check if Vulnerable:

Check the TwinCAT/BSD version with uname -a and verify whether it is below 1.2.0. Check whether the IPC-Diagnostics package is installed with pkg info | grep ipc-diagnostics

Check Version:

uname -a

Verify Fix Applied:

Confirm the version is 1.2.0 or higher with uname -a. If the IPC-Diagnostics package is still installed, verify its version.
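
The two checks above can be combined into one verdict per host. The following is an added example, not code from Beckhoff or from this page's source: the function names, verdict strings and sample data are hypothetical, and it assumes the operator passes in the TwinCAT/BSD release as a dotted version string together with the text of a pkg info listing.

```shell
#!/bin/sh
# Added example: apply the advisory's two conditions to supplied values.
FIXED_VERSION="1.2.0"        # first fixed TwinCAT/BSD release, per this page
PKG_NAME="ipc-diagnostics"   # package name used by the page's pkg commands

# version_lt A B: exit 0 when dotted numeric version A is lower than B.
version_lt() {
    va=$1; vb=$2
    while [ -n "$va" ] || [ -n "$vb" ]; do
        fa=${va%%.*}; fb=${vb%%.*}
        # Drop the field just read; no dot left means nothing remains.
        case $va in *.*) va=${va#*.} ;; *) va= ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb= ;; esac
        # Keep leading digits only ("0-rc1" -> "0"); a missing field is 0.
        fa=${fa%%[!0-9]*}; fb=${fb%%[!0-9]*}
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
    done
    return 1   # equal versions are not "lower"
}

# pkg_listed LISTING: exit 0 when a `pkg info` listing contains the package.
# Anchored on "name-<digit>" so a longer name sharing the prefix is ignored.
pkg_listed() {
    printf '%s\n' "$1" | grep -Eq "^${PKG_NAME}-[0-9]"
}

# assess VERSION LISTING: print one verdict for the host.
assess() {
    if ! version_lt "$1" "$FIXED_VERSION"; then
        echo "AT_OR_ABOVE_FIX"
    elif pkg_listed "$2"; then
        echo "VULNERABLE"
    else
        echo "PACKAGE_ABSENT"
    fi
}

# Constructed sample data (not real host output): a pre-1.2.0 release string
# and two `pkg info`-style lines.
SAMPLE_VERSION="1.1.9"
SAMPLE_PKG_INFO="ipc-diagnostics-0.0.0          constructed sample entry
pkg-1.0.0                      constructed sample entry"

assess "$SAMPLE_VERSION" "$SAMPLE_PKG_INFO"   # prints VULNERABLE
```

The comparison is numeric per field, so 1.10.0 is treated as newer than 1.2.0, which a plain string comparison would get wrong.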

📡 Detection & Monitoring

Log Indicators:

  • System crash logs
  • IPC-Diagnostics service failures
  • Unexpected process terminations

Network Indicators:

  • None - this is a local-only vulnerability

SIEM Query:

Search for system crash events or IPC-Diagnostics service failures in system logs
