Beckhoff Device Manager Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability exists in the Beckhoff Device Manager web service and in certain software packages for Beckhoff IPC and CX devices. A low-privileged remote attacker can send specially crafted requests that trigger integer overflows, leading to arbitrary code execution within privileged processes. The issue is reachable through both the web interface and the API.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with elevated privileges on the affected device.

Remediation

Users are advised to update the Beckhoff Device Manager XAR tcpkg package to version 2.5.3, or the MDP software package for TwinCAT/BSD to version 1.7.0.0. For the Beckhoff IPC Diagnostics software for Windows, version 2.5.3 is available. The mdp-bhf software package for Beckhoff RT Linux should be updated to version 0.0.5-1. For the MDP.dll library for Windows CE 6.0 and Embedded Compact 7 on x86 or ARM32, version 1.7.0.0 is recommended.

Added: Jan 27, 2026, 12:18 PM
Updated: Jan 27, 2026, 3:04 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 2.7
remediation: 7.7
relevance: 2.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.