Metrics
Affected Vendors & Products
Source | ID | Title |
---|---|---|
![]() |
EUVD-2020-4819 | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation). |
Solution
Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.
Workaround
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note.
Link | Providers |
---|---|
https://cert.vde.com/en-us/advisories/vde-2020-049 |
![]() ![]() |
No history.

Status: PUBLISHED
Assigner: CERTVDE
Published:
Updated: 2024-09-16T22:10:20.898Z
Reserved: 2020-04-30T00:00:00
Link: CVE-2020-12517

No data.

Status : Modified
Published: 2020-12-17T23:15:12.873
Modified: 2024-11-21T04:59:51.010
Link: CVE-2020-12517

No data.

No data.