CVE-2020-12500

Name of the Vulnerable Software and Affected Versions Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions)

Description The issue allows unauthenticated device administration due to an improper authorization vulnerability. This means that devices can be administered without proper authentication, potentially leading to unauthorized access and control.

Recommendations For all versions of the affected devices, consider restricting access to device administration interfaces until a proper fix is applied. As a temporary workaround, limiting access to the devices and their administration interfaces can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.