Access Control Vulnerability in Beckhoff CX9020 Automation Product
CVE-2020-20741

9.8CRITICAL

Key Information:

Vendor: Beckhoff
Status: Cx9020
Vendor: CVE Published:; 23 July 2021

What is CVE-2020-20741?

The Beckhoff CX9020 automation device is vulnerable to an access control flaw that allows unauthorized remote attackers to bypass authentication. This occurs through the 'CE Remote Display Tool', which fails to adequately manage incoming connections when incorrect credentials are provided. As a result, malicious actors can potentially exploit this weakness to gain unauthorized access to the system.

References

https://download.beckhoff.com/download/Document/product-s...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2021
Vulnerability Reserved
Aug 13, 2020