PT-2023-7706 · Phoenix Contact · Pc Worx Express +17

Name of the Vulnerable Software and Affected Versions: Phoenix Contact Automation Worx Software Suite versions affected versions not specified AXC 1050 versions affected versions not specified AXC 1050 XC versions affected versions not specified AXC 3050 versions affected versions not specified...

Phoenix Contact PC Worx and Worx Express Buffer Overflow Vulnerability (CNVD-2020-38414)

Phoenix Contact PC Worx and Phoenix Contact PC Worx Express are both programming software packages for PLCs Programmable Logic Controllers from Phoenix Contact, Germany. A buffer overflow vulnerability exists in the parsing of PLCopen XML files in Phoenix Contact PC Worx and PC Worx Express...

Phoenix Contact PC Worx and Worx Express Buffer Overflow Vulnerability

Phoenix Contact PC Worx and Phoenix Contact PC Worx Express are both programming software packages for PLCs Programmable Logic Controllers from Phoenix Contact, Germany. A buffer overflow vulnerability exists in the parsing of mwe files in Phoenix Contact PC Worx and PC Worx Express versions 1.87...

CVE-2020-12498

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12498

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

Stack overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12498 Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12498

Phoenix Contact PC Worx and PC Worx Express (v1.87 and earlier) are affected by CVE-2020-12498 due to insufficient input validation in MWE file parsing, causing an out-of-bounds read that can lead to remote code execution. Affected component: PC Worx/PC Worx Express parsing of MWE project files; ...

CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

PT-2020-5910 · Phoenix Contact · Pc Worx Express +1

Name of the Vulnerable Software and Affected Versions: Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier Description: The issue is related to the parsing of PLCopen XML files in Phoenix Contact PC Worx and PC Worx Express, which can lead to a stack-based overflow due to...

Out-of-bounds

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-of-bounds Read and remote code execution. The attacker needs to get access to an original PC Worx or Config+...

CVE-2019-16675

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-of-bounds Read and remote code execution. The attacker needs to get access to an original PC Worx or Config+...

Phoenix Contact Automation Worx CVE-2019-16675 Remote Code Execution Vulnerability

Description Phoenix Contact Automation Worx is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. The...

Remote code execution

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Confi...

CVE-2019-12869

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code execution. The attacker needs to get access to an...

CVE-2019-12869

PHOENIX CONTACT Automation Worx Software Suite components PC Worx, PC Worx Express, and Config+ (version 1.86 and earlier) are affected by CVE-2019-12869. The issue is an Out-Of-Bounds Read that can lead to Information Disclosure and remote code execution when an attacker manipulates a legitimate...

CVE-2019-12870

PHOENIX CONTACT Automation Worx Software Suite (PC Worx, PC Worx Express, Config+; v1.86 and earlier) is affected by CVE-2019-12870. The issue is an uninitialized pointer leading to remote code execution. An attacker must obtain an original PC Worx/Config+ project file, manipulate it, and replace...

CVE-2019-12871

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to a Use-After-Free and remote code execution. The attacker needs to get access to an original PC Worx or Config+ proje...

CVE-2019-12871

CVE-2019-12871 affects Phoenix Contact Automation Worx Software Suite up to v1.86 (PC Worx, PC Worx Express, Config+). The issue is a Use-After-Free in the handling of project files (notably BCP parsing) that could allow remote code execution after an attacker manipulates a legitimate PC Worx/Con...