Lucene search
+L

34 matches found

nessus
nessus
added 2023/01/25 12:0 a.m.14 views

PHOENIX CONTACT PLCNext AXC F 2152 Channel Accessible By Non-Endpoint (CVE-2019-10997)

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

5.8AI score0.01002EPSS
Exploits0References3
ics
ics
added 2022/06/21 12:0 a.m.61 views

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10CVSS9.9AI score0.01455EPSS
Exploits1References4
ics
ics
added 2022/06/21 12:0 a.m.71 views

Phoenix Contact Classic Line Industrial Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 Vulnerability: Missing Authentication for Critical...

9.8CVSS10AI score0.03079EPSS
Exploits1References4
nvd
nvd
added 2019/06/18 1:15 p.m.23 views

CVE-2019-10998

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunit...

6.8CVSS6.7AI score0.00395EPSS
Exploits0References1
prion
prion
added 2019/06/18 1:15 p.m.24 views

Authentication flaw

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunit...

4.6CVSS6.7AI score0.00395EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2019/06/18 12:10 p.m.39 views

CVE-2019-10998

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunit...

6.7AI score0.00395EPSS
Exploits0References1
cve
cve
added 2019/06/18 12:10 p.m.81 views

CVE-2019-10998

CVE-2019-10998 affects Phoenix Contact PLCNext AXC F 2152 (article numbers 2404267 and 1046568 Starterkit) with firmware versions prior to 2019.0 LTS. The issue is an improper access control that, when there is unlimited physical access, can lead to manipulation of SD card data and an authenticat...

6.8CVSS6.7AI score0.00395EPSS
Exploits0References1Affected Software1
osv
osv
added 2019/06/17 6:15 p.m.6 views

CVE-2019-10997

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

5.9CVSS6.5AI score0.01002EPSS
Exploits0References1
nvd
nvd
added 2019/06/17 6:15 p.m.44 views

CVE-2019-10997

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

7.1CVSS6AI score0.01002EPSS
Exploits0References1
prion
prion
added 2019/06/17 6:15 p.m.20 views

Code injection

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

7.1CVSS6AI score0.01002EPSS
Exploits0References1Affected Software2
cve
cve
added 2019/06/17 5:59 p.m.98 views

CVE-2019-10997

CVE-2019-10997 affects Phoenix Contact PLCNext AXC F 2152 family (article 2404267) and Starterkit (1046568) prior to firmware 2019.0 LTS. The issue arises from a man-in-the-middle scenario where protocol fuzzing on PC WORX Engineer can cause the PLC service to stop, requiring a reboot or manual r...

7.1CVSS5.6AI score0.01002EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2019/06/17 5:59 p.m.58 views

CVE-2019-10997

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

5.7AI score0.01002EPSS
Exploits0References1
cnvd
cnvd
added 2019/06/05 12:0 a.m.4 views

Phoenix Contact PLCNext AXC F 2152 Authorization Issues Vulnerability

Phoenix Contact PLCNext AXC F 2152 is a programmable logic controller from Phoenix Contact, Germany. An authorization issue vulnerability exists in the Phoenix Contact PLCNext AXC F 2152 2404267 and 1046568 Starterkit using firmware version 1.x, which can be exploited by an attacker to cause...

6.8CVSS6.8AI score0.00395EPSS
Exploits0References1
ics
ics
added 2019/06/04 12:0 a.m.199 views

PHOENIX CONTACT PLCNext AXC F 2152

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Phoenix Contact Equipment: PLCNext AXC F 2152 Vulnerabilities: Key Management Errors, Improper Access Control, Man-in-the-Middle, Using Component with Known Vulnerabilities 2. RISK EVALUATION...

7.1CVSS6.6AI score0.01581EPSS
Exploits0References6
Rows per page
Query Builder