77 matches found
CVE-2025-41669
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
CVE-2025-41669
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
EUVD-2025-209952
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
CVE-2025-41669 Insufficient Verification of Data Authenticity
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
CVE-2025-41669 Insufficient Verification of Data Authenticity
The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
CVE-2025-41669
The CVE-2025-41669 entry concerns the PLCnext platform’s Web-based Management. A remote, low-privileged Engineer can install additional APPs downloaded from the PLCnext Store without data verification, enabling arbitrary code execution with root privileges on the PLCnext Control. This could impac...
PHOENIX CONTACT多款产品 数据伪造问题漏洞
PHOENIX CONTACT AXC F 1152, among others, are controller devices produced by the German company PHOENIX CONTACT. Several products from PHOENIX CONTACT have vulnerabilities related to data manipulation. These vulnerabilities stem from the lack of a data validation mechanism when allowing remote,...
PT-2026-43541
Name of the Vulnerable Software and Affected Versions PLCnext Control affected versions not specified Description The Web-based Management interface lacks a data verification mechanism when installing additional APPs downloaded from the PLCnext Store. This allows a remote low-privileged Engineer...
EUVD-2021-21220
Malware in sbrugna...
EUVD-2020-4801
Malware in sbrugna...
EUVD-2020-4819
Malware in sbrugna...
EUVD-2020-4821
Malware in sbrugna...
EUVD-2020-4823
Malware in sbrugna...
EUVD-2020-4820
Malware in sbrugna...
EUVD-2023-50387
Malicious code in bioql PyPI...
EUVD-2023-50385
Malicious code in bioql PyPI...
CVE-2023-46144
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices...
CVE-2023-46142
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices...
Phoenix Contact PLCnext Improper Input Validation (CVE-2021-34570)
Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
PHOENIX CONTACT PLCNext AXC F 2152 Improper Access Control (CVE-2019-10998)
An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunit...