← Retour aux CVEs
CVE-2020-12025
LOW3.3
Description
Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01, and 32.02 vulnerable to an xml external entity (XXE) vulnerability, which may allow an attacker to view hostnames or other resources from the program.
Details CVE
Score CVSS v3.13.3
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie7/14/2020
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
rockwellautomation:studio_5000_logix_designer
Faiblesses (CWE)
CWE-611CWE-611
References
https://us-cert.cisa.gov/ics/advisories/icsa-20-191-02(ics-cert@hq.dhs.gov)
https://us-cert.cisa.gov/ics/advisories/icsa-20-191-02(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.