On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.
References
Link | Resource |
---|---|
https://cert.vde.com/en-us/advisories/vde-2020-049 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Information
Published : 2020-12-17 15:15
Updated : 2020-12-21 10:34
NVD link : CVE-2020-12519
Mitre link : CVE-2020-12519
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
phoenixcontact
- axc_f_3152
- rfc_4072s
- axc_f_1152
- axc_f_2152
- axc_f_2152_starterkit
- plcnext_firmware
- plcnext_technology_starterkit