Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Plcnext Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2020-12517

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation).

9CVSS

9AI Score

0.001EPSS

2020-12-17 11:15 PM
29
cve
cve

CVE-2020-12519

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

9.8CVSS

9.2AI Score

0.002EPSS

2020-12-17 11:15 PM
33