CVE-2020-12519 HIGH

CVE-2020-12519: Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

Vendor Phoenix Contact
Product AXC F 1152 (1151412)
Weakness CWE-269
Published December 17, 2020
Last update September 17, 2024

CVSS base score

8.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

Key dates

02Disclosure timeline

December 17, 2020 CVE published
September 17, 2024 Record updated