CVE-2020-12030

There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables the VLAN setting, the internal gateway firewall becomes disabled resulting in exposure of all ports used by the gateway.

Published: Sep 29, 2021
Updated: Apr 13, 2023
CVE: CVE-2020-12030
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 10
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
emerson / wireless_1410_gateway_firmware	4.6.43	4.7.84.x
emerson / wireless_1420_gateway_firmware	4.6.43	4.7.84.x
emerson / wireless_1552wu_gateway_firmware	4.6.43	4.7.84.x

https://us-cert.cisa.gov/ics/advisories/icsa-20-135-02

Vulnerability Database

289,871

CVE-2020-12030