CVE-2017-16726
CRITICALBeckhoff TwinCAT - Inadequate Encryption Strength in ADS Protocol
Title source: llmDescription
Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. An attacker can forge arbitrary ADS packets when legitimate ADS traffic is observable.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2017-001.pdf
Scores
CVSS v3
9.1
EPSS
0.0051
EPSS Percentile
39.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-326
CWE-285
Status
published
Products (1)
beckhoff/twincat
Published
Jun 27, 2018
Tracked Since
Feb 18, 2026