Rewterz Threat Advisory – ICS: Phoenix Contact Automation Worx Software Suite
July 10, 2020Rewterz Threat Advisory – CVE-2020-1647 – Juniper Junos OS Double free vulnerability
July 10, 2020Rewterz Threat Advisory – ICS: Phoenix Contact Automation Worx Software Suite
July 10, 2020Rewterz Threat Advisory – CVE-2020-1647 – Juniper Junos OS Double free vulnerability
July 10, 2020Severity
Low
Analysis Summary
Logix Designer Studio 5000 use a third-party XML parser that natively accepts AML and RDF files from any external entity. If exploited successfully, an unauthenticated attacker might be able to create a malicious file, which, when scanned, could lead to the disclosure of hostname information or other program resources.
Impact
Information disclosure
Affected Vendors
Rockwell Automation
Affected Products
- Logix Designer Studio 5000 Versions 32.00
- Logix Designer Studio 5000 Versions 32.01
- Logix Designer Studio 5000 Versions 32.02
Remediation
Refer to ICS advisory for the complete list of affected products and respective patches.