5 matches found
PT-2023-7875 · Phoenix Contact · Fc 350 Pci Eth +4
Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT classic line PLCs affected versions not specified AXC 1050 AXC 1050 XC AXC 3050 FC 350 PCI ETH Description: The issue allows an unauthenticated remote attacker to modify some or all applications on a PLC due to a lack of code...
Phoenix Contact Classic Line Controllers Insufficient Verification of Data Authenticity (CVE-2022-31800)
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report
CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...
Authentication flaw
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of...
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 安全漏洞
The Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 are industrial control devices from Phoenix Contact, Germany. The protocol configuration for device management and communication does not include authentication measures. Phoenix Contact Classic Line Controllers versions ILC1x0 and...