CVE-2020-12501

Name of the Vulnerable Software and Affected Versions Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) Korenix JetPort 5601V3 (all versions)

Description The issue concerns an Improper Authorization vulnerability where undocumented accounts are used. This vulnerability allows attackers to gain full control over devices. The problem is exacerbated by the fact that the backdoor account has the same password as the firmware, which cannot be changed by the user. This vulnerability has been known since 2012 and was previously addressed with a firmware update, but it has resurfaced. The vulnerability can be exploited to reconfigure devices and potentially gain access to other connected systems.

Recommendations For Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions): At the moment, there is no information about a newer version that contains a fix for this vulnerability. For Korenix JetPort 5601V3 (all versions): Consider restricting access to the device until a patch is available, as the backdoor account cannot be removed or changed. Avoid using the undocumented account to prevent exploitation.