CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2020-12497

Phoenixcontact » Pc Worx » Version: N/A

cpe:2.3:a:phoenixcontact:pc_worx:-
Phoenixcontact » Pc Worx » Version: 1.10

cpe:2.3:a:phoenixcontact:pc_worx:1.10
Phoenixcontact » Pc Worx » Version: 1.20

cpe:2.3:a:phoenixcontact:pc_worx:1.20
Phoenixcontact » Pc Worx » Version: 1.23

cpe:2.3:a:phoenixcontact:pc_worx:1.23
Phoenixcontact » Pc Worx » Version: 1.30

cpe:2.3:a:phoenixcontact:pc_worx:1.30
Phoenixcontact » Pc Worx » Version: 1.40

cpe:2.3:a:phoenixcontact:pc_worx:1.40
Phoenixcontact » Pc Worx » Version: 1.50

cpe:2.3:a:phoenixcontact:pc_worx:1.50
Phoenixcontact » Pc Worx » Version: 1.60

cpe:2.3:a:phoenixcontact:pc_worx:1.60
Phoenixcontact » Pc Worx » Version: 1.70

cpe:2.3:a:phoenixcontact:pc_worx:1.70
Phoenixcontact » Pc Worx » Version: 1.80

cpe:2.3:a:phoenixcontact:pc_worx:1.80
Phoenixcontact » Pc Worx » Version: 1.81

cpe:2.3:a:phoenixcontact:pc_worx:1.81
Phoenixcontact » Pc Worx » Version: 1.82

cpe:2.3:a:phoenixcontact:pc_worx:1.82
Phoenixcontact » Pc Worx » Version: 1.83

cpe:2.3:a:phoenixcontact:pc_worx:1.83
Phoenixcontact » Pc Worx » Version: 1.84

cpe:2.3:a:phoenixcontact:pc_worx:1.84
Phoenixcontact » Pc Worx » Version: 1.85

cpe:2.3:a:phoenixcontact:pc_worx:1.85
Phoenixcontact » Pc Worx » Version: 1.86

cpe:2.3:a:phoenixcontact:pc_worx:1.86
Phoenixcontact » Pc Worx Express » Version: N/A

cpe:2.3:a:phoenixcontact:pc_worx_express:-
Phoenixcontact » Pc Worx Express » Version: 1.10

cpe:2.3:a:phoenixcontact:pc_worx_express:1.10
Phoenixcontact » Pc Worx Express » Version: 1.20

cpe:2.3:a:phoenixcontact:pc_worx_express:1.20
Phoenixcontact » Pc Worx Express » Version: 1.23

cpe:2.3:a:phoenixcontact:pc_worx_express:1.23
Phoenixcontact » Pc Worx Express » Version: 1.30

cpe:2.3:a:phoenixcontact:pc_worx_express:1.30
Phoenixcontact » Pc Worx Express » Version: 1.40

cpe:2.3:a:phoenixcontact:pc_worx_express:1.40
Phoenixcontact » Pc Worx Express » Version: 1.50

cpe:2.3:a:phoenixcontact:pc_worx_express:1.50
Phoenixcontact » Pc Worx Express » Version: 1.60

cpe:2.3:a:phoenixcontact:pc_worx_express:1.60
Phoenixcontact » Pc Worx Express » Version: 1.70

cpe:2.3:a:phoenixcontact:pc_worx_express:1.70
Phoenixcontact » Pc Worx Express » Version: 1.80

cpe:2.3:a:phoenixcontact:pc_worx_express:1.80
Phoenixcontact » Pc Worx Express » Version: 1.81

cpe:2.3:a:phoenixcontact:pc_worx_express:1.81
Phoenixcontact » Pc Worx Express » Version: 1.82

cpe:2.3:a:phoenixcontact:pc_worx_express:1.82
Phoenixcontact » Pc Worx Express » Version: 1.83

cpe:2.3:a:phoenixcontact:pc_worx_express:1.83
Phoenixcontact » Pc Worx Express » Version: 1.84

cpe:2.3:a:phoenixcontact:pc_worx_express:1.84
Phoenixcontact » Pc Worx Express » Version: 1.85

cpe:2.3:a:phoenixcontact:pc_worx_express:1.85
Phoenixcontact » Pc Worx Express » Version: 1.86

cpe:2.3:a:phoenixcontact:pc_worx_express:1.86
Phoenixcontact » Pc Worx Express » Version: 1.87

cpe:2.3:a:phoenixcontact:pc_worx_express:1.87

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12497

Products

Pricing

Contact Us