Details of VAR-202212-1959

ID

VAR-202212-1959

CVE

CVE-2020-12069

TITLE

Pilz PMC Vulnerability in using weak password hashes in programming tools

Trust: 0.8

sources: JVNDB: JVNDB-2022-004118

DESCRIPTION

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. Pilz PMC A programming tool is vulnerable to the use of weak password hashes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2020-12069 // JVNDB: JVNDB-2022-004118

AFFECTED PRODUCTS

vendor:	wago	model:	762-5305\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6201\/8000-001	scope:	lte	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4202\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control rte v3	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-6302\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8214	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8206	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-5203\/8000-001	scope:	lte	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6202\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6203\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control v3 runtime system toolkit	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	codesys	model:	hmi v3	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-4306\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8211	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4201\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control for iot2000	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	codesys	model:	control for beaglebone	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-4203\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control for plcnext	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-4301\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-5205\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	pilz	model:	pmc	scope:	lt	version:	3.5.17	Trust: 1.0
vendor:	codesys	model:	v3 simulation runtime	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	750-8216	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control for empc-a\/imx6	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	festo	model:	controller cecc-s	scope:	eq	version:	2.3.8.0	Trust: 1.0
vendor:	wago	model:	750-8210	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4303\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	festo	model:	controller cecc-s	scope:	eq	version:	2.3.8.1	Trust: 1.0
vendor:	codesys	model:	control for pfc200	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	codesys	model:	control for linux	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	festo	model:	controller cecc-d	scope:	eq	version:	2.3.8.0	Trust: 1.0
vendor:	wago	model:	762-5204\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-5303\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6304\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	festo	model:	controller cecc-d	scope:	eq	version:	2.3.8.1	Trust: 1.0
vendor:	wago	model:	752-8303\/8000-0002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4304\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4204\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	festo	model:	controller cecc-lk	scope:	eq	version:	2.3.8.0	Trust: 1.0
vendor:	wago	model:	762-5206\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8217	scope:	eq	version:	-	Trust: 1.0
vendor:	festo	model:	controller cecc-lk	scope:	eq	version:	2.3.8.1	Trust: 1.0
vendor:	wago	model:	750-8203	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8102	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6301\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-5306\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4305\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8212	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control for raspberry pi	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	750-8101	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8100	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4205\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8202	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8204	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control win v3	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-4205\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8213	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4206\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8215	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6204\/8000-001	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-6303\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-5304\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	750-8207	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	wago	model:	762-4206\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	codesys	model:	control for pfc100	scope:	lt	version:	3.5.16.0	Trust: 1.0
vendor:	wago	model:	762-4302\/8000-002	scope:	lt	version:	03.06.19\(18\)	Trust: 1.0
vendor:	pilz	model:	pmc	scope:	gte	version:	3.0.0	Trust: 1.0
vendor:	pilz	model:	pmc	scope:	lt	version:	3.x	Trust: 0.8
vendor:	pilz	model:	pmc	scope:	eq	version:	-	Trust: 0.8
vendor:	pilz	model:	pmc	scope:	eq	version:	3.5.17	Trust: 0.8

sources: JVNDB: JVNDB-2022-004118 // NVD: CVE-2020-12069

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12069
value:	HIGH
Trust: 1.0
info@cert.vde.com:	CVE-2020-12069
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-12069
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202212-3933
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2020-12069
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2020-12069
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-004118 // CNNVD: CNNVD-202212-3933 // NVD: CVE-2020-12069 // NVD: CVE-2020-12069

PROBLEMTYPE DATA

problemtype:	CWE-916	Trust: 1.0
problemtype:	Use of weak password hashes (CWE-916) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-004118 // NVD: CVE-2020-12069

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-3933

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-3933

PATCH

title:	top page	url:	https://www.pilz.com/ja-INT	Trust: 0.8
title:	Pilz PMC programming tool Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=220121	Trust: 0.6

sources: JVNDB: JVNDB-2022-004118 // CNNVD: CNNVD-202212-3933

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12069	Trust: 3.2
db:	CERT@VDE	id:	VDE-2021-061	Trust: 2.4
db:	CERT@VDE	id:	VDE-2022-022	Trust: 1.0
db:	CERT@VDE	id:	VDE-2022-031	Trust: 1.0
db:	JVNDB	id:	JVNDB-2022-004118	Trust: 0.8
db:	CNNVD	id:	CNNVD-202212-3933	Trust: 0.6

sources: JVNDB: JVNDB-2022-004118 // CNNVD: CNNVD-202212-3933 // NVD: CVE-2020-12069

REFERENCES

url:	https://cert.vde.com/en/advisories/vde-2021-061/	Trust: 2.4
url:	https://cert.vde.com/en/advisories/vde-2022-022/	Trust: 1.0
url:	https://cert.vde.com/en/advisories/vde-2022-031/	Trust: 1.0
url:	https://customers.codesys.com/index.php?eid=dumpfile&t=f&f=12943&token=d097958a67ba382de688916f77e3013c0802fade&download=	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12069	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2020-12069/	Trust: 0.6

sources: JVNDB: JVNDB-2022-004118 // CNNVD: CNNVD-202212-3933 // NVD: CVE-2020-12069

SOURCES

db:	JVNDB	id:	JVNDB-2022-004118
db:	CNNVD	id:	CNNVD-202212-3933
db:	NVD	id:	CVE-2020-12069

LAST UPDATE DATE

2024-10-05T01:43:49.661000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2022-004118	date:	2023-03-22T08:05:00
db:	CNNVD	id:	CNNVD-202212-3933	date:	2023-01-06T00:00:00
db:	NVD	id:	CVE-2020-12069	date:	2024-10-03T19:18:50.300

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2022-004118	date:	2023-03-22T00:00:00
db:	CNNVD	id:	CNNVD-202212-3933	date:	2022-12-26T00:00:00
db:	NVD	id:	CVE-2020-12069	date:	2022-12-26T19:15:10.520