CVE-2021-33542

🗓️ 25 Jun 2021 18:26:06Reported by CERTVDEType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 79 Views

Phoenix Contact Classic Automation Worx Software Suite Version 1.87 and below remote code execution vulnerabilit

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-33542	25 Jun 202122:19	–	circl
CNNVD	Phoenix Contact Classic Automation Worx Software Suite 缓冲区错误漏洞	25 Jun 202100:00	–	cnnvd
CNVD	Phoenix Contact Classic Automation Worx Software Suite Buffer Overflow Vulnerability	29 Jun 202100:00	–	cnvd
Cvelist	CVE-2021-33542 Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability	25 Jun 202118:26	–	cvelist
EUVD	EUVD-2021-20234	7 Oct 202500:30	–	euvd
NVD	CVE-2021-33542	25 Jun 202119:15	–	nvd
OSV	CVE-2021-33542	25 Jun 202119:15	–	osv
Prion	Remote code execution	25 Jun 202119:15	–	prion
Zero Day Initiative	Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability	7 Jul 202100:00	–	zdi

NVD

Vulners

Node

phoenixcontact config+Range≤1.87

phoenixcontact pc_worxRange≤1.87

phoenixcontact pc_worx_expressRange≤1.87

[
  {
    "product": "Automation Worx Software Suite",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "PC Worx",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "PC Worx Express",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "Config+",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-782/
cert	www.cert.vde.com/en-us/advisories/vde-2021-020

21 Nov 2024 06:09Current

7.4High risk

Vulners AI Score7.4

CVSS 25.1

CVSS 3.17 - 7.8

EPSS0.00529

CWE-824