CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

Phoenix Contact Automationworx PLCOpen XML File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Phoenix Contact PC Worx and Worx Express Buffer Overflow Vulnerability (CNVD-2020-38414)

Phoenix Contact PC Worx and Phoenix Contact PC Worx Express are both programming software packages for PLCs Programmable Logic Controllers from Phoenix Contact, Germany. A buffer overflow vulnerability exists in the parsing of PLCopen XML files in Phoenix Contact PC Worx and PC Worx Express...

CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12497

CVE-2020-12497 affects Phoenix Contact PC Worx and PC Worx Express up to version 1.87. The issue is a stack-based overflow in PLCopen XML file parsing caused by insufficient input validation, which could allow remote code execution when manipulated PC Worx projects are processed. Public sources c...

CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...