High severity7.8NVD Advisory· Published Jul 1, 2020· Updated Jun 17, 2026
CVE-2020-12497
CVE-2020-12497
Description
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <=1.87
- Range: <=1.87
- Range: unspecified
- Phoenix Contact/Automation Worx Expressv5Range: unspecified
Patches
Vulnerability mechanics
References
3- cert.vde.com/de-de/advisories/vde-2020-023nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-20-825/nvdThird Party AdvisoryVDB Entry
- www.zerodayinitiative.com/advisories/ZDI-21-398/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.