CVE-2020-12521 Explained : Impact and Mitigation

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS, a specially crafted LLDP packet may lead to a high system load in the PROFINET stack, potentially causing system service failures or reboots.

Understanding CVE-2020-12521

This CVE involves a vulnerability in Phoenix Contact PLCnext Control Devices that could be exploited by an attacker to disrupt system services.

What is CVE-2020-12521?

Affects Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS
Vulnerability allows for a high system load in the PROFINET stack
Attackers can trigger system service failures or complete reboots

The Impact of CVE-2020-12521

CVSS Base Score: 6.5 (Medium Severity)
Attack Complexity: Low
Attack Vector: Adjacent Network
Availability Impact: High
No impact on Confidentiality or Integrity

Technical Details of CVE-2020-12521

This section provides detailed technical information about the vulnerability.

Vulnerability Description

Specially crafted LLDP packet can overload the PROFINET stack
May lead to system service failures or complete reboots

Affected Systems and Versions

Products affected include AXC F 1152, AXC F 2152, AXC F 3152, RFC 4072S, AXC F 2152 Starterkit, and PLCnext Technology Starterkit
Versions affected are those before 2021.0 LTS

Exploitation Mechanism

Attackers can exploit the vulnerability by sending a malicious LLDP packet

Mitigation and Prevention

Protecting systems from CVE-2020-12521 requires immediate actions and long-term security practices.

Immediate Steps to Take

Upgrade to Firmware 2021.0 LTS or higher as recommended by Phoenix Contact
Operate network-capable devices in closed networks or behind firewalls

Long-Term Security Practices

Regularly update firmware and security patches
Implement network segmentation and access controls
Conduct security training for employees

Patching and Updates

Apply the latest firmware updates provided by Phoenix Contact