Vulnerability Monitor

CVE-2020-12503


Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN (FW 1.2.3 and below) have an Improper Authorization vulnerability and are prone to multiple authenticated command injections.


Published

2020-10-15T19:15:11.753

Last Modified

2024-11-21T04:59:49.137

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-863
  • Type: Secondary
    CWE-863

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
| --- | --- | --- | --- | --- |
| Operating System | pepperl-fuchs | es7510-xt_firmware | * | Yes |
| Hardware | pepperl-fuchs | es7510-xt | - | No |
| Operating System | pepperl-fuchs | es8509-xt_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8509-xt | - | No |
| Operating System | pepperl-fuchs | es8510-xt_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8510-xt | - | No |
| Operating System | pepperl-fuchs | es9528-xtv2_firmware | * | Yes |
| Hardware | pepperl-fuchs | es9528-xtv2 | - | No |
| Operating System | pepperl-fuchs | es7506_firmware | * | Yes |
| Hardware | pepperl-fuchs | es7506 | - | No |
| Operating System | pepperl-fuchs | es7510_firmware | * | Yes |
| Hardware | pepperl-fuchs | es7510 | - | No |
| Operating System | pepperl-fuchs | es7528_firmware | * | Yes |
| Hardware | pepperl-fuchs | es7528 | - | No |
| Operating System | pepperl-fuchs | es8508_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8508 | - | No |
| Operating System | pepperl-fuchs | es8508f_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8508f | - | No |
| Operating System | pepperl-fuchs | es8510_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8510 | - | No |
| Operating System | pepperl-fuchs | es8510-xte_firmware | * | Yes |
| Hardware | pepperl-fuchs | es8510-xte | - | No |
| Operating System | pepperl-fuchs | es9528_firmware | * | Yes |
| Hardware | pepperl-fuchs | es9528 | - | No |
| Operating System | pepperl-fuchs | es9528-xt_firmware | * | Yes |
| Hardware | pepperl-fuchs | es9528-xt | - | No |
| Operating System | pepperl-fuchs | icrl-m-8rj45\/4sfp-g-din_firmware | ≤ 1.3.1 | Yes |
| Hardware | pepperl-fuchs | icrl-m-8rj45\/4sfp-g-din | - | No |
| Operating System | pepperl-fuchs | icrl-m-16rj45\/4cp-g-din_firmware | ≤ 1.3.1 | Yes |
| Hardware | pepperl-fuchs | icrl-m-16rj45\/4cp-g-din | - | No |
| Operating System | korenix | jetnet_5428g-20sfp_firmware | - | Yes |
| Hardware | korenix | jetnet_5428g-20sfp | - | No |
| Operating System | korenix | jetnet_5810g_firmware | - | Yes |
| Hardware | korenix | jetnet_5810g | - | No |
| Operating System | korenix | jetnet_4706f_firmware | - | Yes |
| Hardware | korenix | jetnet_4706f | - | No |
| Operating System | korenix | jetnet_4706_firmware | - | Yes |
| Hardware | korenix | jetnet_4706 | - | No |
| Operating System | korenix | jetnet_4510_firmware | - | Yes |
| Hardware | korenix | jetnet_4510 | - | No |
| Operating System | korenix | jetnet_5010_firmware | - | Yes |
| Hardware | korenix | jetnet_5010 | - | No |
| Operating System | korenix | jetnet_5310_firmware | - | Yes |
| Hardware | korenix | jetnet_5310 | - | No |
| Operating System | korenix | jetnet_6095_firmware | - | Yes |
| Hardware | korenix | jetnet_6095 | - | No |
| Operating System | pepperl-fuchs | icrl-m-16rj45\/4cp-g-din_firmware | - | Yes |
| Hardware | pepperl-fuchs | icrl-m-16rj45\/4cp-g-din | - | No |
| Operating System | pepperl-fuchs | icrl-m-8rj45\/4sfp-g-din_firmware | - | Yes |
| Hardware | pepperl-fuchs | icrl-m-8rj45\/4sfp-g-din | - | No |
| Operating System | korenix | jetwave_2212x_firmware | - | Yes |
| Hardware | korenix | jetwave_2212x | - | No |
| Operating System | korenix | jetwave_2212s_firmware | - | Yes |
| Hardware | korenix | jetwave_2212s | - | No |
| Operating System | korenix | jetwave_2212g_firmware | - | Yes |
| Hardware | korenix | jetwave_2212g | - | No |
| Operating System | korenix | jetwave_2311_firmware | - | Yes |
| Hardware | korenix | jetwave_2311 | - | No |
| Operating System | korenix | jetwave_3220_firmware | - | Yes |
| Hardware | korenix | jetwave_3220 | - | No |

References