{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T06:59:08.675","vulnerabilities":[{"cve":{"id":"CVE-2020-12510","sourceIdentifier":"info@cert.vde.com","published":"2020-11-19T18:15:13.927","lastModified":"2024-11-21T04:59:50.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\\TwinCAT. If the directory does not exist it and further subdirectories are created with permissions which allow every local user to modify the content. The default installation registers TcSysUI.exe for automatic execution upon log in of a user. If a less privileged user has a local account he or she can replace TcSysUI.exe. It will be executed automatically by another user during login. This is also true for users with administrative access. Consequently, a less privileged user can trick a higher privileged user into executing code he or she modified this way. By default Beckhoff’s IPCs are shipped with TwinCAT software installed this way and with just a single local user configured. 
Thus the vulnerability exists if further less privileged users have been added."},{"lang":"es","value":"La ruta de instalación predeterminada del software TwinCAT XAR versión 3.1 en todas las versiones se encuentra debajo de C:\\TwinCAT. Si el directorio no existe, se crean más subdirectorios con permisos que permiten a cada usuario local modificar el contenido. La instalación predeterminada registra el archivo TcSysUI.exe para una ejecución automática al iniciar sesión un usuario. Si un usuario con menos privilegios tiene una cuenta local, puede reemplazar el archivo TcSysUI.exe. Otro usuario lo ejecutará automáticamente durante el inicio de sesión. Esto también es cierto para los usuarios con acceso administrativo. En consecuencia, un usuario menos privilegiado puede engañar a un usuario con mayores privilegios para que ejecute el código que él o ella modificó de esta manera. Por defecto, los IPC de Beckhoff se envían con el software TwinCAT instalado de esta manera y con un único usuario local configurado. 
Por lo tanto la vulnerabilidad existe si nuevos usuarios menos privilegiados han sido incorporados"}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:beckhoff:twincat_extended_automation_runtime:3.1:*:*:*:*:*:*:*","matchCriteriaId":"86D77675-9196-4032-8809-AC9CDEB01259"}]}]}],"references":[{"url":"https://cert.vde.com/en-us/advisories/vde-2020-037","source":"info@cert.vde.com","tags":["Third Party Advisory"]},{"url":"https://cert.vde.com/en-us/advisories/vde-2020-037","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}