CVE-2020-12493

CRITICAL

SWARCO CPU LS4000 - Privilege Escalation

Title source: llm
STIX 2.1

Description

An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_confirm
https://cert.vde.com/de-de/advisories/vde-2020-016

Scores

CVSS v3 10.0
EPSS 0.0140
EPSS Percentile 69.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-284
Status published
Products (1)
swarco/cpu_ls4000_firmware g4
Published May 29, 2020
Tracked Since Feb 18, 2026