CVE-2020-12521 - Vulnerability Details - OpenCVE

Description

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.

Published: 2020-12-17

Score: 6.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Phoenix Contact

AXC F 1152 (1151412)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 2152 (2404267)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 3152 (1069208)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

RFC 4072S (1051328

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

AXC F 2152 Starterkit (1046568)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Phoenix Contact

PLCnext Technology Starterkit (1188165)

affected

Version	Status	Constraints
`unspecified`	affected	< 2021.0 LTS

Configuration 1 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.

Vendor Workaround

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2020-4823	On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00084.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://cert.vde.com/en-us/advisories/vde-2020-049

History

No history.

Subscriptions

Phoenixcontact Axc F 1152 Axc F 2152 Axc F 2152 Starterkit Axc F 3152 Plcnext Firmware Plcnext Technology Starterkit Rfc 4072s

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2020-12-17T22:43:14.654Z

Updated: 2024-09-17T04:14:26.064Z

Reserved: 2020-04-30T00:00:00.000Z

Link: CVE-2020-12521

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-12-17T23:15:13.137

Modified: 2024-11-21T04:59:51.477

Link: CVE-2020-12521

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-20

{"containers": {"cna": {"affected": [{"product": "AXC F 1152 (1151412)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 (2404267)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 3152 (1069208)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "RFC 4072S (1051328", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 Starterkit (1046568)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "PLCnext Technology Starterkit (1188165)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Phoenix Contact reported to CERT@VDE"}], "datePublic": "2020-12-17T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-17T22:43:14.000Z", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "solutions": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "title": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack.", "workarounds": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2020-12-17T09:00:00.000Z", "ID": "CVE-2020-12521", "STATE": "PUBLIC", "TITLE": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AXC F 1152 (1151412)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 (2404267)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 3152 (1069208)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "RFC 4072S (1051328", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 Starterkit (1046568)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "PLCnext Technology Starterkit (1188165)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}]}, "vendor_name": "Phoenix Contact"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "Phoenix Contact reported to CERT@VDE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en-us/advisories/vde-2020-049", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}, "solution": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:56:52.105Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2020-12521", "datePublished": "2020-12-17T22:43:14.654Z", "dateReserved": "2020-04-30T00:00:00.000Z", "dateUpdated": "2024-09-17T04:14:26.064Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*", "matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "079A104B-2016-4830-80C1-3AB969106649", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "12BDD2FE-0D7C-4868-A5E4-B1004A5C217D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}, {"lang": "es", "value": "En Phoenix Contact PLCnext Control Devices versiones anteriores a 2021.0 LTS, un paquete LLDP especialmente dise\u00f1ado puede conllevar a una alta carga del sistema en la pila PROFINET. Un atacante puede causar un fallo en los servicios del sistema o un reinicio completo"}], "id": "CVE-2020-12521", "lastModified": "2024-11-21T04:59:51.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-17T23:15:13.137", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "info@cert.vde.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}