cve/2019/CVE-2019-12869.md

CVE-2019-12869

Description

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.

POC

Reference

• https://cert.vde.com/en-us/advisories/vde-2019-014

Github

No PoCs found on GitHub currently.