Vulnerability Details CVE-2019-10998
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
Products affected by CVE-2019-10998
-
cpe:2.3:h:phoenixcontact:axc_f_2152:-
-
cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.01
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.02
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.1.0
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.20
-
cpe:2.3:o:phoenixcontact:axc_f_2152_starterkit_firmware:*