The vulnerability of the microprogramming software for Phoenix Contact Automation Worx Software Suite devices, including AXC 1050, AXC 1050 XC, AXC 3050, Config+, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 3xx, PC Worx, PC Worx Express, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC 470S PN 3TX, RFC 480S PN 4TX, arises from the incorrect assignment of permissions to critical resources. This allows an attacker to gain full access to the device.

The vulnerability of the microprogramming software for Phoenix Contact Automation Worx Software Suite, AXC 1050, AXC 1050 XC, AXC 3050, Config+, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 3xx, PC Worx, PC Worx Express, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC...

CVE-2023-46141 Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device...

PHOENIX CONTACT Automation Worx Software Suite Security Vulnerability

PHOENIX CONTACT Automation Worx Software Suite is an automation Worx software suite from PHOENIX CONTACT, Germany. A security vulnerability exists in PHOENIX CONTACT Automation Worx Software Suite, which originated from a vulnerability in the incorrect assignment of critical resource privileges,...

PHOENIX CONTACT Multiple Product Security Breach

PHOENIX CONTACT Automation Worx Software Suite is an automation Worx software suite from PHOENIX CONTACT, Germany. A security vulnerability exists in several PHOENIX CONTACT products that originates from downloading code without integrity checking, allowing an unauthenticated remote attacker to...

PT-2023-7706 · Phoenix Contact · Pc Worx Express +17

Name of the Vulnerable Software and Affected Versions: Phoenix Contact Automation Worx Software Suite versions affected versions not specified AXC 1050 versions affected versions not specified AXC 1050 XC versions affected versions not specified AXC 3050 versions affected versions not specified...

Phoenix Contact Automation Worx

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these...

Phoenix Contact Automation Worx Software Suite 输入验证错误漏洞

Phoenix Contact Automation Worx Software Suite is an automation Worx software suite from Phoenix Contact, Germany. An input validation error vulnerability exists in Phoenix Contact's PC Worx Automation Suite, which stems from an incorrect input validation vulnerability in version 1.88. An attacke...

Phoenix Contact Classic Automation Worx Software Suite Buffer Overflow Vulnerability

Phoenix Contact Classic Automation is a division of Phoenix Contac Phoenix Contact, a German company that provides surplus parts and Phoenix Contact repair services. A security vulnerability exists in Software Suite 1.87 and prior versions, which stems from a vulnerability that can be exploited b...

CVE-2021-33542

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The...

Remote code execution

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The...

CVE-2021-33542 Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The...

CVE-2021-33542

CVE-2021-33542 affects Phoenix Contact Classic Automation Worx Software Suite

Phoenix Contact Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation could allow an attacker to execute arbitrary code...

CVE-2020-12498 Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

PHOENIX CONTACT Automation Worx Software Suite Input Validation Error Vulnerability

Automation Worx Software Suite is an automation software package from Phoenix Contact. An input validation error vulnerability exists in PHOENIX CONTACT Automation Worx Software Suite, which can be exploited by an attacker to execute arbitrary code...

PHOENIX CONTACT Automation Worx Software Suite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the availability, integrity, or...

Phoenix Contact Automation Worx CVE-2019-16675 Remote Code Execution Vulnerability

Description Phoenix Contact Automation Worx is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. The...

Phoenix Contact Automation Worx Software Suite Memory Misreference Vulnerability

Automation Worx Software Suite is an automation software package from Phoenix Contact. A memory misreference vulnerability exists in the PC Worx, PC Worx Express, and Config+ components in Phoenix Contact Automation Worx Software Suite versions 1.86 and earlier. An attacker could exploit this...

Phoenix Contact Automation Worx Software Suite Uninitialized Pointer Access Vulnerability

Automation Worx Software Suite is an automation software package from Phoenix Contact. An uninitialized pointer access vulnerability exists in the PC Worx, PC Worx Express, and Config+ components in Phoenix Contact Automation Worx Software Suite versions 1.86 and earlier. An attacker could exploi...