Vulnerability Details : CVE-2020-12069
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.
Products affected by CVE-2020-12069
- cpe:2.3:o:wago:750-8202_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8203_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8204_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8206_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8207_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8210_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8211_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8212_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8213_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8214_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8216_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8217_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8100_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8101_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8102_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4205\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4206\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4305\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4306\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5205\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5206\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5305\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5306\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6301\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6302\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6303\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6304\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:750-8215_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4201\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4202\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4203\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4204\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4205\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4206\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4301\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4302\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4303\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-4304\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5203\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5204\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5303\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-5304\/8000-002_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6201\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6202\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6203\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:762-6204\/8000-001_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:wago:752-8303\/8000-0002_firmware:*:*:*:*:*:*:*:*When used together with: Wago » 752-8303/8000-0002
- cpe:2.3:o:festo:controller_cecc-d_firmware:2.3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:festo:controller_cecc-d_firmware:2.3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:festo:controller_cecc-lk_firmware:2.3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:festo:controller_cecc-lk_firmware:2.3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:festo:controller_cecc-s_firmware:2.3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:festo:controller_cecc-s_firmware:2.3.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_empc-a\/imx6:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_v3_runtime_system_toolkit:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_rte_v3:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:control_win_v3:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:hmi_v3:*:*:*:*:*:*:*:*
- cpe:2.3:a:codesys:v3_simulation_runtime:*:*:*:*:*:*:*:*
- cpe:2.3:a:pilz:pmc:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-12069
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 5 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-12069
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
MITRE | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
CERT VDE | 2024-10-03 |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-10-03 |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-12069
-
The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.Assigned by:
- cve@mitre.org (Secondary)
- info@cert.vde.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2020-12069
-
https://cert.vde.com/en/advisories/VDE-2021-061/
VDE-2021-061 | CERT@VDEThird Party Advisory
-
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12943&token=d097958a67ba382de688916f77e3013c0802fade&download=
Vendor Advisory
-
https://cert.vde.com/en/advisories/VDE-2022-022/
VDE-2022-022 | CERT@VDEThird Party Advisory
-
https://cert.vde.com/en/advisories/VDE-2022-031/
VDE-2022-031 | CERT@VDEThird Party Advisory
Jump to