HTTP: Phoenix Contact Automationworx PLCOpen XML Stack Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Phoenix Contact Automationworx. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
Affected Products
Phoenixcontact pc_worx
References
CVE: CVE-2020-12497
Short Name
HTTP:STC:DL:PCA-PLC-XML-SBOF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Automationworx Buffer CVE-2020-12497 Contact Overflow PLCOpen Phoenix Stack XML
Release Date
09/18/2020
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Phoenixcontact
CVSS Score
6.8