Vulnerability Details CVE-2020-12521
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.1
References
Products affected by CVE-2020-12521
-
cpe:2.3:h:phoenixcontact:axc_f_1152:-
-
cpe:2.3:h:phoenixcontact:axc_f_2152:-
-
cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-
-
cpe:2.3:h:phoenixcontact:axc_f_3152:-
-
cpe:2.3:h:phoenixcontact:plcnext_technology_starterkit:-
-
cpe:2.3:h:phoenixcontact:rfc_4072s:-
-
cpe:2.3:o:phoenixcontact:plcnext_firmware:*