CVE-2020-12025

Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an xml external entity (XXE) vulnerability, which may allow an attacker to view hostnames or other resources from the program.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsa-20-191-02 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.00:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.01:*:*:*:*:*:*:*
cpe:2.3:a:rockwellautomation:studio_5000_logix_designer:32.02:*:*:*:*:*:*:*

Information

Published : 2020-07-14 06:15

Updated : 2020-12-15 13:30


NVD link : CVE-2020-12025

Mitre link : CVE-2020-12025


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

rockwellautomation

  • studio_5000_logix_designer