Security Advisory

CVE-2020-12069

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-26 00:00:00
Last updated 2025-04-14 16:17:54
Assigner mitre
State PUBLISHED

Description

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.