The coupler’s function could be inhibited by an attack.
A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting.
The coupler’s function could be inhibited by a denial of service attack. The coupler will not recover after the attack has stopped.
A reboot of the device recovers the operation.
Beckhoff will not change this behaviour.
Customers should configure a perimeter firewall to block traffic from untrusted networks to the device.
Beckhoff Automation thanks Martin Menschner from Rhebo GmbH for support and efforts within coordinated
Beckhoff reported the vulnerability to CERT@VDE.