The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for automatic execution upon log in of a user. If a less privileged user has a local account he or she can replace TcSysUI.exe. It will be executed automatically by another user during login. This is also true for users with administrative access. Consequently, a less privileged user can trick a higher privileged user into executing code he or she modified this way. By default Beckhoff’s IPCs are shipped with TwinCAT software installed this way and with just a single local user configured. Thus the vulnerability exists if further less privileged users have been added.
Published 2020-11-19 18:15:14
Updated 2020-12-03 16:47:54
Source CERT VDE
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2020-12510

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-12510

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
6.0
MEDIUM AV:N/AC:M/Au:S/C:P/I:P/A:P
6.8
6.4
NIST
7.3
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1.3
5.9
CERT VDE
7.3
HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1.3
5.9
NIST

CWE ids for CVE-2020-12510

  • During installation, installed file permissions are set to allow anyone to modify those files.
    Assigned by:
    • info@cert.vde.com (Secondary)
    • nvd@nist.gov (Primary)

References for CVE-2020-12510

Products affected by CVE-2020-12510

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!