An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:HPhoenixcontact Charx Sec 3000
HWPhoenixcontactwszystkie wersjePhoenixcontact Charx Sec 3000 Firmware
OSPhoenixcontact≤ 1.6.5Phoenixcontact Charx Sec 3050
HWPhoenixcontactwszystkie wersjePhoenixcontact Charx Sec 3050 Firmware
OSPhoenixcontact≤ 1.6.5Phoenixcontact Charx Sec 3100
HWPhoenixcontactwszystkie wersjePhoenixcontact Charx Sec 3100 Firmware
OSPhoenixcontact≤ 1.6.5Phoenixcontact Charx Sec 3150
HWPhoenixcontactwszystkie wersjePhoenixcontact Charx Sec 3150 Firmware
OSPhoenixcontact≤ 1.6.5
Powiązane podatności
RCE jako root w sterownikach ładowania Phoenix Contact CHARX SEC-3x00
RCE i eskalacja uprawnień w Phoenix Contact CHARX SEC — brak walidacji danych wejściowych
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate ...
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to ...
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint ...