Lucene search

CVE-2020-12517

🗓️ 17 Dec 2020 23:12:15Reported by [email protected]Type

Phoenix Contact PLCnext Control Devices vulnerable to local privilege escalatio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Prion	Privilege escalation	17 Dec 202023:15	–	prion
CVE	CVE-2020-12517	17 Dec 202023:15	–	cve
Cvelist	CVE-2020-12517 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation).	17 Dec 202022:43	–	cvelist
CNVD	Phoenix Contact PLCnext Control Devices Cross-Site Scripting Vulnerability	18 Dec 202000:00	–	cnvd

Nvd

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact axc_f_1152Match-

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact axc_f_2152Match-

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact axc_f_3152Match-

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact rfc_4072sMatch-

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact axc_f_2152_starterkitMatch-

Node

phoenixcontact plcnext_firmwareRange<2021.0long_term_support

AND

phoenixcontact plcnext_technology_starterkitMatch-

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2020-049

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Dec 2020 23:15Current

8.8High risk

Vulners AI Score8.8

CVSS26

CVSS39

EPSS0.00347

CWE-79