Unknown
CVE-2020-12504
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2020-12504
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- es7506 firmware,
- es7510 firmware,
- es7510-xt firmware,
- es7528 firmware,
- es8508 firmware,
- es8508f firmware,
- es8509-xt firmware,
- es8510 firmware,
- es8510-xt firmware,
- es8510-xte firmware,
- es9528 firmware,
- es9528-xt firmware,
- es9528-xtv2 firmware,
- icrl-m-16rj45/4cp-g-din firmware,
- icrl-m-8rj45/4sfp-g-din firmware,
- jetwave 2212g firmware 1.4,
- jetwave 2212s firmware 1.5,
- jetwave 2212x firmware 1.5,
- jetwave 2311 firmware 1.2,
- jetwave 3220 firmware 1.2,
- jetwave 3420 firmware 1.1.3t,
- jetwave 4510 firmware 3.0b,
- jetwave 4706 firmware 2.3b,
- jetwave 4706f firmware 2.3b,
- jetwave 5010 firmware 3.1a,
- jetwave 5310 firmware 1.5,
- jetwave 5428g-20sfp firmware 1.0,
- jetwave 5810g firmware 1.1,
- pmi-110-f2g firmware 1.5
Weaknesses
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
