Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:54 a.m.8 views

CVE-2023-46143

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC...

7.5CVSS7.3AI score0.00332EPSS
Exploits0
CVE
CVE
added 2023/12/14 2:5 p.m.47 views

CVE-2023-46141

CVE-2023-46141 affects Phoenix Contact Automation Worx and classic line controllers. The issue is an incorrect permission assignment for a critical resource that can be exploited remotely by an unauthenticated attacker to gain full control of the affected device. Affects multiple products in the ...

9.8CVSS9.8AI score0.00879EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.5 views

PT-2023-7875 · Phoenix Contact · Fc 350 Pci Eth +4

Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT classic line PLCs affected versions not specified AXC 1050 AXC 1050 XC AXC 3050 FC 350 PCI ETH Description: The issue allows an unauthenticated remote attacker to modify some or all applications on a PLC due to a lack of code...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.31 views

Phoenix Contact Classic Line Controllers Insufficient Verification of Data Authenticity (CVE-2022-31800)

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

9.9AI score0.01455EPSS
Exploits1References3
CISA
CISA
added 2022/06/22 12:0 a.m.24 views

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

1.7AI score
Exploits0References19
Cvelist
Cvelist
added 2022/06/21 8:0 a.m.20 views

CVE-2022-31800 Insufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllers

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device...

9.8CVSS9.9AI score0.01455EPSS
Exploits1References1
ICS
ICS
added 2022/06/21 12:0 a.m.61 views

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10CVSS9.9AI score0.01455EPSS
Exploits1References4
ICS
ICS
added 2022/06/21 12:0 a.m.70 views

Phoenix Contact Classic Line Industrial Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 Vulnerability: Missing Authentication for Critical...

9.8CVSS10AI score0.03079EPSS
Exploits1References4
Prion
Prion
added 2021/06/25 7:15 p.m.15 views

Authentication flaw

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...

7.8CVSS7.5AI score0.01493EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.2 views

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 安全漏洞

The Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 are industrial control devices from Phoenix Contact, Germany. The protocol configuration for device management and communication does not include authentication measures. Phoenix Contact Classic Line Controllers versions ILC1x0 and...

7.8CVSS7.5AI score0.01493EPSS
Exploits0References1
Rows per page
Query Builder