Phoenixcontact: >> Axc 1050 Firmware Security Vulnerabilities
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-12-14
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.
CVSS Score
9.8
EPSS Score
0.008
Published
2023-12-14
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
CVSS Score
9.8
EPSS Score
0.021
Published
2022-06-21
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
CVSS Score
9.8
EPSS Score
0.018
Published
2019-02-26