CVE-2020-12500

Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products

  • Severity Score: 9.8 (CVSS v3.1)

  • Public Exploits: 3 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: - (SSVC)

Descriptions

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.

An Improper Authorization vulnerability in Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528-XT (all versions) allows unauthenticated device administration.

Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross-site request forgery, unauthenticated TFTP actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4510, JetNet 5010, JetNet 5310, and JetNet 6095.

*Credits: T. Weber (SEC Consult Vulnerability Lab), Coordinated by CERT@VDE
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2020-04-30 CVE Reserved
  • 2020-10-05 CVE Published
  • 2024-06-24 EPSS Updated
  • 2024-09-17 CVE Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-306: Missing Authentication for Critical Function
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Pepperl-fuchs | Es7510-xt Firmware | * | - | Affected |
| in Pepperl-fuchs | Es7510-xt | - | - | Safe |
| Pepperl-fuchs | Es8509-xt Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8509-xt | - | - | Safe |
| Pepperl-fuchs | Es8510-xt Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8510-xt | - | - | Safe |
| Pepperl-fuchs | Es9528-xtv2 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es9528-xtv2 | - | - | Safe |
| Pepperl-fuchs | Es7506 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es7506 | - | - | Safe |
| Pepperl-fuchs | Es7510 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es7510 | - | - | Safe |
| Pepperl-fuchs | Es7528 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es7528 | - | - | Safe |
| Pepperl-fuchs | Es8508 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8508 | - | - | Safe |
| Pepperl-fuchs | Es8508f Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8508f | - | - | Safe |
| Pepperl-fuchs | Es8510 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8510 | - | - | Safe |
| Pepperl-fuchs | Es8510-xte Firmware | * | - | Affected |
| in Pepperl-fuchs | Es8510-xte | - | - | Safe |
| Pepperl-fuchs | Es9528 Firmware | * | - | Affected |
| in Pepperl-fuchs | Es9528 | - | - | Safe |
| Pepperl-fuchs | Es9528-xt Firmware | * | - | Affected |
| in Pepperl-fuchs | Es9528-xt | - | - | Safe |