Phoenixcontact: >> Plcnext Engineer Security Vulnerabilities
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-12-14
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-14
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-13
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
CVSS Score
8.2
EPSS Score
0.001
Published
2020-07-21