← Back

CVE-2020-12503

nvd nist
Published: Oct 15, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.2
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 / Impact: 5.9
Source: NVD

Description

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.

Affected (30)

Pepperl Fuchs
15 products
Es7510 Xt Firmware
Es8509 Xt Firmware
Es8510 Xt Firmware
Es9528 Xtv2 Firmware
Es7506 Firmware
Es7510 Firmware
Es7528 Firmware
Es8508 Firmware
Es8508f Firmware
Es8510 Firmware
Es8510 Xte Firmware
Es9528 Firmware
Es9528 Xt Firmware
Icrl M 8rj45/4sfp G Din Firmware
Icrl M 16rj45/4cp G Din Firmware
Korenix
13 products
Jetnet 5428g 20sfp Firmware
Jetnet 5810g Firmware
Jetnet 4706f Firmware
Jetnet 4706 Firmware
Jetnet 4510 Firmware
Jetnet 5010 Firmware
Jetnet 5310 Firmware
Jetnet 6095 Firmware
Jetwave 2212x Firmware
Jetwave 2212s Firmware
Jetwave 2212g Firmware
Jetwave 2311 Firmware
Jetwave 3220 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es7510 Xt Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es7510 Xt
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8509 Xt Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8509 Xt
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8510 Xt Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8510 Xt
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es9528 Xtv2 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es9528 Xtv2
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es7506 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es7506
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es7510 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es7510
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es7528 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es7528
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8508 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8508
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8508f Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8508f
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8510 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8510
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es8510 Xte Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es8510 Xte
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es9528 Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es9528
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Es9528 Xt Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Es9528 Xt
All versions
Configuration N
1 vulnerable
Vulnerable SoftwareAffected Versions
Icrl M 8rj45/4sfp G Din Firmware
Up to 1.3.1
Configuration O
1 vulnerable
Vulnerable SoftwareAffected Versions
Icrl M 16rj45/4cp G Din Firmware
Up to 1.3.1
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 5428g 20sfp Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 5428g 20sfp
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 5810g Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 5810g
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 4706f Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 4706f
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 4706 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 4706
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 4510 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 4510
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 5010 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 5010
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 5310 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 5310
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetnet 6095 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetnet 6095
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Icrl M 16rj45/4cp G Din Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Icrl M 16rj45/4cp G Din
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Icrl M 8rj45/4sfp G Din Firmware
All versions
Running on/withPlatform Versions
Pepperl Fuchs
Icrl M 8rj45/4sfp G Din
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetwave 2212x Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetwave 2212x
All versions
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetwave 2212s Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetwave 2212s
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetwave 2212g Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetwave 2212g
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetwave 2311 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetwave 2311
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Jetwave 3220 Firmware
All versions
Running on/withPlatform Versions
Korenix
Jetwave 3220
All versions

Related CWEs

CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (12)

Source: info@cert.vde.com
ExploitThird Party AdvisoryVDB Entry
Source: info@cert.vde.com
ExploitThird Party AdvisoryVDB Entry
Source: info@cert.vde.com
Mailing ListThird Party Advisory
Source: info@cert.vde.com
Third Party Advisory
Source: info@cert.vde.com
Third Party Advisory
Source: info@cert.vde.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.