HIGH🇬🇧 English

CVE-2020-12069

CVSS 7.8v3.1pub. 2022-12-26upd. 2025-05-05

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Codesys Control For Beaglebone

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Empc A\/imx6

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Iot2000

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Linux

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Pfc100

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Pfc200

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Plcnext

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control For Raspberry Pi

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control Rte V3

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control V3 Runtime System Toolkit

    APP
    Codesys
    < 3.5.16.0
  • Codesys Control Win V3

    APP
    Codesys
    < 3.5.16.0
  • Codesys Hmi V3

    APP
    Codesys
    < 3.5.16.0
  • Codesys V3 Simulation Runtime

    APP
    Codesys
    < 3.5.16.0
  • Festo Controller Cecc D

    HW
    Festo
    wszystkie wersje
  • Festo Controller Cecc D Firmware

    OS
    Festo
    2.3.8.02.3.8.1
  • Festo Controller Cecc Lk

    HW
    Festo
    wszystkie wersje
  • Festo Controller Cecc Lk Firmware

    OS
    Festo
    2.3.8.02.3.8.1
  • Festo Controller Cecc S

    HW
    Festo
    wszystkie wersje
  • Festo Controller Cecc S Firmware

    OS
    Festo
    2.3.8.02.3.8.1
  • Pilz Pmc

    APP
    Pilz
    3.0.0 – 3.5.17 (bez)
  • Wago 750 8100

    HW
    Wago
    wszystkie wersje
  • Wago 750 8100 Firmware

    OS
    Wago
    < 03.06.19\(18\)
  • Wago 750 8101

    HW
    Wago
    wszystkie wersje
  • Wago 750 8101 Firmware

    OS
    Wago
    < 03.06.19\(18\)
  • Wago 750 8102

    HW
    Wago
    wszystkie wersje
  • Wago 750 8102 Firmware

    OS
    Wago
    < 03.06.19\(18\)
  • Wago 750 8202

    HW
    Wago
    wszystkie wersje
  • Wago 750 8202 Firmware

    OS
    Wago
    < 03.06.19\(18\)
  • Wago 750 8203

    HW
    Wago
    wszystkie wersje
  • Wago 750 8203 Firmware

    OS
    Wago
    < 03.06.19\(18\)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-3270CRITICAL9.8ten sam produkt

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protoc...

CVE-2021-34569CRITICAL9.8ten sam produkt

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS c...

CVE-2021-34566CRITICAL9.1ten sam produkt

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted...

CVE-2021-34584CRITICAL9.1ten sam produkt

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- s...

CVE-2021-30190CRITICAL9.8ten sam produkt

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.