CVE-2021-33542 Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability

🗓️ 25 Jun 2021 18:26:06Reported by CERTVDEType

Phoenix Contact Automation Worx Software Suite affected by Remote Code Execution vulnerabilit

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-33542	25 Jun 202122:19	–	circl
CNNVD	Phoenix Contact Classic Automation Worx Software Suite 缓冲区错误漏洞	25 Jun 202100:00	–	cnnvd
CNVD	Phoenix Contact Classic Automation Worx Software Suite Buffer Overflow Vulnerability	29 Jun 202100:00	–	cnvd
CVE	CVE-2021-33542	25 Jun 202118:26	–	cve
EUVD	EUVD-2021-20234	7 Oct 202500:30	–	euvd
NVD	CVE-2021-33542	25 Jun 202119:15	–	nvd
OSV	CVE-2021-33542	25 Jun 202119:15	–	osv
Prion	Remote code execution	25 Jun 202119:15	–	prion
Zero Day Initiative	Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability	7 Jul 202100:00	–	zdi

[
  {
    "product": "Automation Worx Software Suite",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "PC Worx",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "PC Worx Express",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "1.87",
        "status": "affected",
        "version": "Config+",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-782/
cert	www.cert.vde.com/en-us/advisories/vde-2021-020

07 Jul 2021 09:06Current

8.2High risk

Vulners AI Score8.2

CVSS 3.17.8

EPSS0.01756

CWE-824