CVE-2020-12499
published 2020-07-21CVE-2020-12499: In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phoenix_contact | plcnext_engineer | unspecified – 2020.3.1 | — |
| phoenixcontact | plcnext_engineer | <= 2020-3-1 | — |