Vulnerabilites related to Phoenix Contact - Automation Worx Express
cve-2020-12497
Vulnerability from cvelistv5
Published
2020-07-01 15:52
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert.vde.com/de-de/advisories/vde-2020-023 | x_refsource_CONFIRM | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-825/ | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-398/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | Automation Worx |
Version: unspecified < |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.059Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-825/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-398/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Automation Worx",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.87",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Automation Worx Express",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.87",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "reported by Natnael Samson working with Trend Micro Zero Day Initiative, Phoenix Contact reported to CERT@VDE"
}
],
"descriptions": [
{
"lang": "en",
"value": "PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-31T09:06:17",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-825/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-398/"
}
],
"solutions": [
{
"lang": "en",
"value": "With the next version of Automation Worx Software Suite (Version \u003e 1.87) a sharpened input data validation with respect to buffer size and description of size and number of objects referenced in a file will be implemented."
}
],
"source": {
"defect": [
"VDE-2020-023"
],
"discovery": "EXTERNAL"
},
"title": "Phoenix Contact Automation Worx \u003c= 1.87: stack-based overflow",
"workarounds": [
{
"lang": "en",
"value": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"ID": "CVE-2020-12497",
"STATE": "PUBLIC",
"TITLE": "Phoenix Contact Automation Worx \u003c= 1.87: stack-based overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automation Worx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.87"
}
]
}
},
{
"product_name": "Automation Worx Express",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.87"
}
]
}
}
]
},
"vendor_name": "Phoenix Contact"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "reported by Natnael Samson working with Trend Micro Zero Day Initiative, Phoenix Contact reported to CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-023",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-825/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-825/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-398/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-398/"
}
]
},
"solution": [
{
"lang": "en",
"value": "With the next version of Automation Worx Software Suite (Version \u003e 1.87) a sharpened input data validation with respect to buffer size and description of size and number of objects referenced in a file will be implemented."
}
],
"source": {
"defect": [
"VDE-2020-023"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12497",
"datePublished": "2020-07-01T15:52:35",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-08-04T11:56:52.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12498
Vulnerability from cvelistv5
Published
2020-07-01 15:52
Modified
2024-08-04 11:56
Severity ?
EPSS score ?
Summary
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert.vde.com/de-de/advisories/vde-2020-023 | x_refsource_CONFIRM | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-826/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | Automation Worx |
Version: unspecified < |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-826/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Automation Worx",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.87",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Automation Worx Express",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.87",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "reported by mdm working with Trend Micro Zero Day Initiative, Phoenix Contact reported to CERT@VDE"
}
],
"descriptions": [
{
"lang": "en",
"value": "mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-10T14:06:05",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-826/"
}
],
"solutions": [
{
"lang": "en",
"value": "With the next version of Automation Worx Software Suite (Version \u003e 1.87) a sharpened input data validation with respect to buffer size and description of size and number of objects referenced in a file will be implemented."
}
],
"source": {
"defect": [
"VDE-2020-023"
],
"discovery": "EXTERNAL"
},
"title": "Phoenix Contact Automation Worx \u003c= 1.87: out-of-bounds read remote code execution",
"workarounds": [
{
"lang": "en",
"value": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"ID": "CVE-2020-12498",
"STATE": "PUBLIC",
"TITLE": "Phoenix Contact Automation Worx \u003c= 1.87: out-of-bounds read remote code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automation Worx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.87"
}
]
}
},
{
"product_name": "Automation Worx Express",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.87"
}
]
}
}
]
},
"vendor_name": "Phoenix Contact"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "reported by mdm working with Trend Micro Zero Day Initiative, Phoenix Contact reported to CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-023",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-023"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-826/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-826/"
}
]
},
"solution": [
{
"lang": "en",
"value": "With the next version of Automation Worx Software Suite (Version \u003e 1.87) a sharpened input data validation with respect to buffer size and description of size and number of objects referenced in a file will be implemented."
}
],
"source": {
"defect": [
"VDE-2020-023"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12498",
"datePublished": "2020-07-01T15:52:35",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-08-04T11:56:52.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}