ICSA-20-191-01 · Published 2020-07-09
Phoenix Contact Automation Worx Software Suite
CVSS 7.8 (HIGH)
Risk Summary
Successful exploitation could allow an attacker to execute arbitrary code under the privileges of the application.
CVEs (2)
Remediations
- Phoenix Contact recommends users exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email. In addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity.
- The next version of Automation Worx Software Suite will implement stricter input data validation with respect to buffer size and the description of the size and number of objects referenced in a file.
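The checksum recommendation above can be applied as a sender-side and receiver-side step. The following is an added example, not code from Phoenix Contact or the advisory; the `.sha256` sidecar naming, the function names and the sample file are assumptions made for illustration.

```python
import hashlib
import hmac
import string
import tempfile
from pathlib import Path

def sha256_file(path):
    """Stream the file so large project archives are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def sidecar_for(project):
    project = Path(project)
    return project.with_name(project.name + ".sha256")  # hypothetical naming convention

def write_sidecar(project):
    """Sender side: record '<hex digest>  <file name>' next to the project file."""
    project = Path(project)
    sidecar = sidecar_for(project)
    sidecar.write_text(f"{sha256_file(project)}  {project.name}\n", encoding="utf-8")
    return sidecar

def verify_sidecar(project):
    """Receiver side: return (ok, reason); open the project only when ok is True."""
    project = Path(project)
    sidecar = sidecar_for(project)
    if not sidecar.is_file():
        return False, "missing checksum file"
    fields = sidecar.read_text(encoding="utf-8", errors="replace").split(None, 1)
    if len(fields) != 2 or len(fields[0]) != 64 or set(fields[0]) - set(string.hexdigits):
        return False, "malformed checksum file"
    expected, name = fields[0].lower(), fields[1].strip()
    if name != project.name:
        return False, "checksum belongs to a different file"
    if not hmac.compare_digest(expected, sha256_file(project)):
        return False, "digest mismatch"
    return True, "ok"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        project = Path(tmp) / "demo_project.bin"  # constructed sample, not a real project
        project.write_bytes(b"constructed project data")
        write_sidecar(project)
        print(verify_sidecar(project))
        project.write_bytes(b"constructed project data, modified in transit")
        print(verify_sidecar(project))
```

A checksum stored beside the file only detects changes made by someone who cannot also rewrite the checksum, so deliver or store the sidecar through a separate channel from the project file.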
Affected Vendors
Phoenix Contact
Affected Products (2)
- Phoenix Contact · PC Worx Express <= 1.87
- Phoenix Contact · PC Worx <= 1.87
Affected Sectors
Communications, Critical Manufacturing, Information Technology