A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HPhoenixcontact Axc F 1152
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 1152 Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Axc F 2152
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 2152 Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Axc F 3152
HWPhoenixcontactwszystkie wersjePhoenixcontact Axc F 3152 Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Bpc 9102s
HWPhoenixcontactwszystkie wersjePhoenixcontact Bpc 9102s Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Epc 1502
HWPhoenixcontactwszystkie wersjePhoenixcontact Epc 1502 Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Epc 1522
HWPhoenixcontactwszystkie wersjePhoenixcontact Epc 1522 Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Plcnext Engineer
APPPhoenixcontact≤ 2024.0Phoenixcontact Rfc 4072r
HWPhoenixcontactwszystkie wersjePhoenixcontact Rfc 4072r Firmware
OSPhoenixcontact≤ 2024.0Phoenixcontact Rfc 4072s
HWPhoenixcontactwszystkie wersjePhoenixcontact Rfc 4072s Firmware
OSPhoenixcontact≤ 2024.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2023-3935CRITICAL9.8ten sam produkt
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an u...
CVE-2021-34570HIGH7.5ten sam produkt
Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack t...
CVE-2020-12519HIGH8.8ten sam produkt
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i...
CVE-2020-12517HIGH8.8ten sam produkt
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user cou...
CVE-2020-12499HIGH8.2ten sam produkt
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exi...