CVE-2020-12518 - Vulnerability Details - OpenCVE

Description

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.

Published: 2020-12-17

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Phoenix Contact

AXC F 1152 (1151412)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 2152 (2404267)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 3152 (1069208)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

RFC 4072S (1051328

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 2152 Starterkit (1046568)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

PLCnext Technology Starterkit (1188165)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Configuration 1 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.

Vendor Workaround

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2020-4820	On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00191.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://cert.vde.com/en-us/advisories/vde-2020-049

History

No history.

Subscriptions

Phoenixcontact Axc F 1152 Axc F 2152 Axc F 2152 Starterkit Axc F 3152 Plcnext Firmware Plcnext Technology Starterkit Rfc 4072s

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2020-12-17T22:43:14.453Z

Updated: 2024-09-17T01:50:39.329Z

Reserved: 2020-04-30T00:00:00.000Z

Link: CVE-2020-12518

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-12-17T23:15:12.983

Modified: 2024-11-21T04:59:51.163

Link: CVE-2020-12518

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-200

{"containers": {"cna": {"affected": [{"product": "AXC F 1152 (1151412)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 (2404267)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 3152 (1069208)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "RFC 4072S (1051328", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 Starterkit (1046568)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "PLCnext Technology Starterkit (1188165)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Discovered by Patrick Muench, Torsten Loebner, Maurice Rothe, Pascal Keul and Daniel Hackel of SVA Systemvertrieb Alexander GmbH, coordinated by CERT@VDE"}], "datePublic": "2020-12-17T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-17T22:43:14.000Z", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "solutions": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "title": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.", "workarounds": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2020-12-17T09:00:00.000Z", "ID": "CVE-2020-12518", "STATE": "PUBLIC", "TITLE": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AXC F 1152 (1151412)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 (2404267)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 3152 (1069208)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "RFC 4072S (1051328", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 Starterkit (1046568)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "PLCnext Technology Starterkit (1188165)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}]}, "vendor_name": "Phoenix Contact"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "Discovered by Patrick Muench, Torsten Loebner, Maurice Rothe, Pascal Keul and Daniel Hackel of SVA Systemvertrieb Alexander GmbH, coordinated by CERT@VDE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Information Exposure"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en-us/advisories/vde-2020-049", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}, "solution": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:56:52.175Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2020-12518", "datePublished": "2020-12-17T22:43:14.453Z", "dateReserved": "2020-04-30T00:00:00.000Z", "dateUpdated": "2024-09-17T01:50:39.329Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*", "matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "079A104B-2016-4830-80C1-3AB969106649", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "12BDD2FE-0D7C-4868-A5E4-B1004A5C217D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks."}, {"lang": "es", "value": "En Phoenix Contact PLCnext Control Devices versiones anteriores a 2021.0 LTS, un atacante puede utilizar los conocimientos adquiridos al leer la informaci\u00f3n confidencial que no est\u00e1 suficientemente protegida para planificar futuros ataques"}], "id": "CVE-2020-12518", "lastModified": "2024-11-21T04:59:51.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-17T23:15:12.983", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "info@cert.vde.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}