CVE-2020-12493
published 2020-05-29CVE-2020-12493: An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via…
PriorityP263critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
EPSS
1.40%
69.2th percentile
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| swarco | cpu_ls4000 | — | — |
| swarco | cpu_ls4000_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for unauthenticated network connections to SWARCO CPU LS4000 devices (OS versions starting with G4) on any open debugging port — successful connection yields root-level access with no credentials required. ↗
- →Target devices are SWARCO CPU LS4000 traffic light controllers running OS versions beginning with 'G4'; filter OT/ICS network traffic for unexpected inbound connections to these devices. ↗
- ·The specific port number used for debugging is not publicly disclosed in available advisories; defenders must audit all open ports on affected devices to identify the vulnerable service. ↗
- ·No known public exploits are confirmed; however, the trivial exploitation conditions (no auth, no interaction, network-accessible) mean the absence of a public PoC should not be relied upon as a control. ↗
- ·Vulnerability scope is limited to CPU LS4000 units running OS versions starting with 'G4'; devices on other firmware branches are not confirmed affected. ↗
CVSS provenance
nvdv3.110.0CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
SWARCO CPU LS4000
cisa_ics·2020-06-02·CVSS 10.0
[CRITICAL] SWARCO CPU LS4000
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
SWARCO CPU LS4000
Last RevisedJune 02, 2020
Alert CodeICSA-20-154-06
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: SWARCO TRAFFIC SYSTEMS
- Equipment: CPU LS4000
- Vulnerability: Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow access to the device and disturb operations with connected devices.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
CERT VDE reports the vulnerability affects the following traffic light controller:
- CPU LS4000: All OS version
GHSA
GHSA-2fp8-2m27-8mrc: An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4
ghsa_unreviewed·2022-05-24
CVE-2020-12493 [HIGH] GHSA-2fp8-2m27-8mrc: An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-05-29
Published