Lucene search
HistoryDec 14, 2023 - 2:15 p.m.
CVE-2023-46143
cve-2023-46143
phoenix contact
plcs
integrity check
vulnerability
nvd
remote attack
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.4%
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.
Affected configurations
Node
phoenixcontactautomationworx_software_suite
Node
phoenixcontactaxc_1050_firmware
phoenixcontactaxc_1050Match-
Node
phoenixcontactaxc_1050_xc_firmware
phoenixcontactaxc_1050_xcMatch-
Node
phoenixcontactaxc_3050_firmware
phoenixcontactaxc_3050Match-
Node
phoenixcontactconfig\+
Node
phoenixcontactfc_350_pci_eth_firmware
phoenixcontactfc_350_pci_ethMatch-
Node
phoenixcontactilc1x0_firmware
phoenixcontactilc1x0Match-
Node
phoenixcontactilc1x1_firmware
phoenixcontactilc1x1Match-
Node
phoenixcontactilc_3xx_firmware
phoenixcontactilc_3xxMatch-
Node
phoenixcontactpc_worx
Node
phoenixcontactpc_worx_express
Node
phoenixcontactpc_worx_rt_basic_firmware
phoenixcontactpc_worx_rt_basicMatch-
Node
phoenixcontactpc_worx_srt
Node
phoenixcontactrfc_430_eth-ib_firmware
phoenixcontactrfc_430_eth-ibMatch-
Node
phoenixcontactrfc_450_eth-ib_firmware
phoenixcontactrfc_450_eth-ibMatch-
Node
phoenixcontactrfc_460r_pn_3tx_firmware
phoenixcontactrfc_460r_pn_3txMatch-
Node
phoenixcontactrfc_470s_pn_3tx_firmware
phoenixcontactrfc_470s_pn_3txMatch-
Node
phoenixcontactrfc_480s_pn_4tx_firmware
phoenixcontactrfc_480s_pn_4txMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| phoenixcontact:automationworx_software_suite | phoenixcontact automationworx software suite | eq | * |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Automation Worx Software Suite",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXC 1050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXC 1050 XC",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXC 3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Config+",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FC 350 PCI ETH",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC1x0",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC1x1",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 3xx",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PC Worx",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PC Worx Express",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PC WORX RT BASIC",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PC WORX SRT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 430 ETH-IB",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 450 ETH-IB",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 460R PN 3TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 470S PN 3TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 480S PN 4TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
]References
Related
cvelist
cvelist
nvd
nvd
CVE-2023-46143
2023-12-14 14:15:43
prion
prion
Design/Logic Flaw
2023-12-14 14:15:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.4%
Related for CVE-2023-46143