CVE-2019-12870

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.
References
Configurations

Configuration 1

cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:*

Information

Published : 2019-06-24 04:15

Updated : 2019-06-27 04:26


NVD link : CVE-2019-12870

Mitre link : CVE-2019-12870

Products Affected
No products.
CWE
CWE-824

Access of Uninitialized Pointer