CVE-2020-12524

Published: Dec 2, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

Affected (3)

Products: Phoenixcontact: Btp 2043w Firmware, Btp 2070w Firmware, Btp 2102w Firmware

3 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Btp 2043w Firmware	All versions

Running on/with	Platform Versions
Phoenixcontact Btp 2043w	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Btp 2070w Firmware	All versions

Running on/with	Platform Versions
Phoenixcontact Btp 2070w	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phoenixcontact Btp 2102w Firmware	All versions

Running on/with	Platform Versions
Phoenixcontact Btp 2102w	All versions

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://cert.vde.com/en-us/advisories/vde-2020-047

Source: info@cert.vde.com

Third Party Advisory

https://cert.vde.com/en-us/advisories/vde-2020-047

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.