Phoenix Contact Automation Worx <= 1.87: stack-based overflow
CVE-2020-12497

7.8HIGH

Key Information:

Vendor
Phoenix Contact
Status
Automation Worx
Automation Worx Express
Vendor
CVE Published:
1 July 2020

Summary

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.

Affected Version(s)

Automation Worx <= 1.87

Automation Worx Express <= 1.87

References

https://cert.vde.com/de-de/advisories/vde-2020-023
x_refsource_CONFIRM
https://www.zerodayinitiative.com/advisories/ZDI-20-825/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-398/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

reported by Natnael Samson working with Trend Micro Zero Day Initiative, Phoenix Contact reported to CERT@VDE
.
CVE-2020-12497 : Phoenix Contact Automation Worx <= 1.87: stack-based overflow | SecurityVulnerability.io