CVE-2020-12521 - Vulnerability Details - OpenCVE

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00084.

Key SSVC decision points have not yet been added.

Vendors	Products
Phoenixcontact	Axc F 1152 Axc F 2152 Axc F 2152 Starterkit Axc F 3152 Plcnext Firmware Plcnext Technology Starterkit Rfc 4072s

Configuration 1 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*

cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2020-4823	On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.

Fixes

Solution

Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities.

Workaround

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note.

References

Link	Providers
https://cert.vde.com/en-us/advisories/vde-2020-049

History

No history.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2020-12-17T22:43:14.654841Z

Updated: 2024-09-17T04:14:26.064Z

Reserved: 2020-04-30T00:00:00

Link: CVE-2020-12521

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-12-17T23:15:13.137

Modified: 2024-11-21T04:59:51.477

Link: CVE-2020-12521

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "AXC F 1152 (1151412)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 (2404267)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 3152 (1069208)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "RFC 4072S (1051328", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "AXC F 2152 Starterkit (1046568)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "PLCnext Technology Starterkit (1188165)", "vendor": "Phoenix Contact", "versions": [{"lessThan": "2021.0 LTS", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Phoenix Contact reported to CERT@VDE"}], "datePublic": "2020-12-17T00:00:00", "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-17T22:43:14", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "solutions": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "title": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack.", "workarounds": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2020-12-17T09:00:00.000Z", "ID": "CVE-2020-12521", "STATE": "PUBLIC", "TITLE": "Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "AXC F 1152 (1151412)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 (2404267)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 3152 (1069208)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "RFC 4072S (1051328", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "AXC F 2152 Starterkit (1046568)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}, {"product_name": "PLCnext Technology Starterkit (1188165)", "version": {"version_data": [{"platform": "", "version_affected": "<", "version_name": "", "version_value": "2021.0 LTS"}]}}]}, "vendor_name": "Phoenix Contact"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "Phoenix Contact reported to CERT@VDE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en-us/advisories/vde-2020-049", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}, "solution": [{"lang": "en", "value": "Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0 LTS or higher which fixes these vulnerabilities."}], "source": {"advisory": "VDE-2020-049", "defect": ["VDE-2020-049"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:56:52.105Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}]}]}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2020-12521", "datePublished": "2020-12-17T22:43:14.654841Z", "dateReserved": "2020-04-30T00:00:00", "dateUpdated": "2024-09-17T04:14:26.064Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*", "matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "079A104B-2016-4830-80C1-3AB969106649", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:plcnext_firmware:*:*:*:*:long_term_support:*:*:*", "matchCriteriaId": "8233F8C3-5D10-4FD6-B192-39535B7B464C", "versionEndExcluding": "2021.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-:*:*:*:*:*:*:*", "matchCriteriaId": "12BDD2FE-0D7C-4868-A5E4-B1004A5C217D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot."}, {"lang": "es", "value": "En Phoenix Contact PLCnext Control Devices versiones anteriores a 2021.0 LTS, un paquete LLDP especialmente dise\u00f1ado puede conllevar a una alta carga del sistema en la pila PROFINET. Un atacante puede causar un fallo en los servicios del sistema o un reinicio completo"}], "id": "CVE-2020-12521", "lastModified": "2024-11-21T04:59:51.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-17T23:15:13.137", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-049"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "info@cert.vde.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}