CVE-2020-12519

Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

Description

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

Remediation

Solution:

Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.

Workaround:

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note.

References

Link	Tags
https://cert.vde.com/en-us/advisories/vde-2020-049	third party advisory

Frequently Asked Questions

What is the severity of CVE-2020-12519?: CVE-2020-12519 has been scored as a high severity vulnerability.
How to fix CVE-2020-12519?: To fix CVE-2020-12519: Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.
Is CVE-2020-12519 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2020-12519 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-12519?: CVE-2020-12519 affects Phoenix Contact AXC F 1152 (1151412), Phoenix Contact AXC F 2152 (2404267), Phoenix Contact AXC F 3152 (1069208), Phoenix Contact RFC 4072S (1051328, Phoenix Contact AXC F 2152 Starterkit (1046568), Phoenix Contact PLCnext Technology Starterkit (1188165).

Description

Remediation

Category

CWE-269 – Improper Privilege Management

References

Frequently Asked Questions