Lucene search
CERTVDECVE-2022-31800HistoryJun 21, 2022 - 8:15 a.m.
CVE-2022-31800
2022-06-2108:15:07
CWE-345
CERTVDE
web.nvd.nist.gov
53
3
cve-2022-31800
nvd
proconos
eclr
device security
remote attack
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.008
Percentile
81.5%
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
Affected configurations
Node
phoenixcontactaxc_1050_firmware
phoenixcontactaxc_1050Match-
Node
phoenixcontactaxc_1050_xc_firmware
phoenixcontactaxc_1050_xcMatch-
Node
phoenixcontactaxc_3050_firmware
phoenixcontactaxc_3050Match-
Node
phoenixcontactfc_350_pci_eth_firmware
phoenixcontactfc_350_pci_ethMatch-
Node
phoenixcontactilc1x0_firmware
phoenixcontactilc1x0Match-
Node
phoenixcontactilc1x1_firmware
phoenixcontactilc1x1Match-
Node
phoenixcontactilc_1x1_gsm\/gprs_firmware
phoenixcontactilc_1x1_gsm\/gprsMatch-
Node
phoenixcontactilc_3xx_firmware
phoenixcontactilc_3xxMatch-
Node
phoenixcontactpc_worx_rt_basic_firmware
phoenixcontactpc_worx_rt_basicMatch-
Node
phoenixcontactpc_worx_srt_firmware
phoenixcontactpc_worx_srtMatch-
Node
phoenixcontactrfc_430_eth-ib_firmware
phoenixcontactrfc_430_eth-ibMatch-
Node
phoenixcontactrfc_450_eth-ib_firmware
phoenixcontactrfc_450_eth-ibMatch-
Node
phoenixcontactrfc_460r_pn_3tx_firmware
phoenixcontactrfc_460r_pn_3txMatch-
Node
phoenixcontactrfc_460r_pn_3tx-s_firmware
phoenixcontactrfc_460r_pn_3tx-sMatch-
Node
phoenixcontactrfc_470_pn_3tx_firmware
phoenixcontactrfc_470_pn_3txMatch-
Node
phoenixcontactrfc_470s_pn_3tx_firmware
phoenixcontactrfc_470s_pn_3txMatch-
Node
phoenixcontactrfc_480s_pn_4tx_firmware
phoenixcontactrfc_480s_pn_4txMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phoenixcontact | axc_1050_firmware | * | cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:* |
| phoenixcontact | axc_1050 | - | cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:* |
| phoenixcontact | axc_1050_xc_firmware | * | cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:* |
| phoenixcontact | axc_1050_xc | - | cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:* |
| phoenixcontact | axc_3050_firmware | * | cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:* |
| phoenixcontact | axc_3050 | - | cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:* |
| phoenixcontact | fc_350_pci_eth_firmware | * | cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:* |
| phoenixcontact | fc_350_pci_eth | - | cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:* |
| phoenixcontact | ilc1x0_firmware | * | cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:* |
| phoenixcontact | ilc1x0 | - | cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "ILC 1x0",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "ILC 1x1",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "ILC 1x1 GSM/GPRS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "ILC 3xx",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "AXC 1050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "AXC 1050 XC",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "AXC 3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 480S PN 4TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 470 PN 3TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 470S PN 3TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 460R PN 3TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 460R PN 3TX-S",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 430 ETH-IB",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "RFC 450 ETH-IB",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "PC WORX SRT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "PC WORX RT BASIC",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
},
{
"product": "FC 350 PCI ETH",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "All Versions"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-31800
2022-06-21 08:15:07
nessus
nessus
cvelist
cvelist
ics
ics
Phoenix Contact Classic Line Controllers
2022-06-21 12:00:00
prion
prion
Design/Logic Flaw
2022-06-21 08:15:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.008
Percentile
81.5%
Related for CVE-2022-31800