3 matches found
CVE-2022-31801
CVE-2022-31801 concerns Phoenix Contact’s ProConOS/ProConOS eCLR SDK and MULTIPROG. The vulnerability is caused by insufficient verification of data authenticity (CWE-345), enabling an unauthenticated, remote attacker to upload arbitrary malicious logic to a ProConOS/eCLR-based device and achieve...
CVE-2023-5592
The CVE-2023-5592 issue affects PHOENIX CONTACT MULTIPROG and PHOENIX CONTACT ProConOS eCLR (SDK). The root cause is a download of code without integrity checks, allowing an unauthenticated remote attacker to download and execute applications on the device, which may result in a complete loss of ...
CVE-2023-0757
CVE-2023-0757 affects Phoenix Contact Multiprog and ProConOS eCLR (SDK). Description: an incorrect permission assignment for a critical resource allows an unauthenticated, remote attacker to upload arbitrary malicious code and gain full control of the affected device. Exploitation details or in‑t...