Phoenixcontact-Software: Security Vulnerabilities
An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-21
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic.
CVSS Score
7.5
EPSS Score
0.768
Published
2015-01-17