High severity7.8NVD Advisory· Published Jul 1, 2020· Updated Jun 17, 2026
CVE-2020-12498
CVE-2020-12498
Description
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <=1.87
- Range: <=1.87
- Range: unspecified
- Phoenix Contact/Automation Worx Expressv5Range: unspecified
Patches
Vulnerability mechanics
References
2- cert.vde.com/de-de/advisories/vde-2020-023nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-20-826/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.