PT-2021-10540 · Beckhoff Automation Gmbh & Co. Kg+1 · Ce Remote Display Tool+2

Published

2021-07-23

Updated

2021-08-09

CVE-2020-20741

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Beckhoff Automation GmbH & Co. KG CX9020 version CX9020 CB3011 WEC7 HPS v602 TC31 B4016.6

Description: The issue allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect.

Recommendations: For version CX9020 CB3011 WEC7 HPS v602 TC31 B4016.6, as a temporary workaround, consider restricting access to the "CE Remote Display Tool" until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-20741

Affected Products

Ce Remote Display Tool

Cx9020

Windows Ce

PT-2021-10540 · Beckhoff Automation Gmbh & Co. Kg+1 · Ce Remote Display Tool+2

CVE-2020-20741

Related Identifiers

Affected Products

References · 4