CVE-2020-12524 HIGH

CVE-2020-12524: Phoenix Contact BTP Touch Panels uncontrolled resource consumption

Vendor Phoenix Contact
Product BTP Touch Panel
Weakness CWE-400
Published December 2, 2020
Last update September 17, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

Key dates

02Disclosure timeline

December 2, 2020 CVE published
September 17, 2024 Record updated