SWARCO Advisory Feed by CERT@VDEhttps://cert.vde.com/en/advisories/2022-03-01T10:07:00+00:00Feed for SWARCO Advisories by CERT@VDESWARCO: Critical Vulnerability in CPU LS40002020-05-28T13:00:00+00:002022-03-01T10:07:00+00:00CERTVDEhttps://cert.vde.com/en/advisories/author/certuser/https://cert.vde.com/en/advisories/VDE-2020-016/<h4>VDE-2020-016</h4>
<h4>Vendor(s)</h4>SWARCO TRAFFIC SYSTEMS GmbH<br><h4>Product(s)</h4><table> <tbody> <tr> <th>Article No°</th> <th>Product Name</th> <th>Affected Version(s)</th> </tr><tr><td></td><td>CPU LS4000</td><td> G4*</td></tr></tbody></table><p><h4>Vulnerabilities:</h4>⠀CVE-2020-12493: 10.0 (CVSS:3.1)<br><h4>Summary</h4><p>An open port used for debugging grants root access to the device without access control via network.</p>
<div></div><h4>Impact</h4><p>A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.</p>
<div></div><h4>Solution</h4><p><span>SWARCO TRAFFIC SYSTEMS released a patch to fix the vulnerability and close the port. Please contact your SWARCO TRAFFIC SYSTEMS contact person for further information.</span></p><p><h4>URL</h4><a href="https://cert.vde.com/en/advisories/VDE-2020-016/" target=_new>https://cert.vde.com/en/advisories/VDE-2020-016/</a>