CVE-2020-12521
published 2020-12-17CVE-2020-12521: On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An…
medium6.5CVSS 3.1
AVAACLPRNUINSUCNINAH
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phoenix_contact | axc_f_1152 | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenix_contact | axc_f_2152 | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenix_contact | axc_f_2152_starterkit | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenix_contact | axc_f_3152 | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenix_contact | plcnext_technology_starterkit | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenix_contact | rfc_4072s_1051328 | >= unspecified < 2021.0 LTS | 2021.0 LTS |
| phoenixcontact | plcnext_firmware | < 2021.0 | 2021.0 |