Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phoenixcontact vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2019-18352
Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.
Phoenixcontact Fl Nat 2208 Firmware
Phoenixcontact Fl Nat 2304-2gc-2sfp Firmware
9.8
CVSSv3
CVE-2023-3935
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote malicious user to achieve RCE and gain full access of the host system.
Wibu Codemeter Runtime
Trumpf Tubedesign
Trumpf Trutopsweld
Trumpf Trutopsprintmultilaserassistant
Trumpf Trutopsprint
Trumpf Trutops Mark 3d
Trumpf Trutopsfab Storage Smallstore
Trumpf Trutopsfab
Trumpf Trutops Cell Sw48
Trumpf Trutops Cell Classic
Trumpf Trutopsboost
Trumpf Trutops
Trumpf Trumpflicenseexpert
Trumpf Topscalculation
Trumpf Teczonebend
Trumpf Tops Unfold 05.03.00.00
Trumpf Programmingtube
Trumpf Oseon
Phoenixcontact Module Type Package Designer 1.2.0
Phoenixcontact Module Type Package Designer
Phoenixcontact Activation Wizard
Phoenixcontact Plcnext Engineer
9
CVSSv3
CVE-2020-12517
On Phoenix Contact PLCnext Control Devices versions prior to 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation).
Phoenixcontact Plcnext Firmware
5.5
CVSSv3
CVE-2020-12518
On Phoenix Contact PLCnext Control Devices versions prior to 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.
Phoenixcontact Plcnext Firmware
7.3
CVSSv3
CVE-2020-12499
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and previous versions an improper path sanitation vulnerability exists on import of project files.
Phoenixcontact Plcnext Engineer
9.8
CVSSv3
CVE-2020-12519
On Phoenix Contact PLCnext Control Devices versions prior to 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.
Phoenixcontact Plcnext Firmware
6.5
CVSSv3
CVE-2020-12521
On Phoenix Contact PLCnext Control Devices versions prior to 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.
Phoenixcontact Plcnext Firmware
7.5
CVSSv3
CVE-2021-21002
In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of service.
Phoenixcontact Fl Comserver Uni 232/422/485 Firmware
Phoenixcontact Fl Comserver Uni 232/422/485-t Firmware
8.8
CVSSv3
CVE-2019-12869
An issue exists in PHOENIX CONTACT PC Worx up to and including 1.86, PC Worx Express up to and including 1.86, and Config+ up to and including 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code executio...
Phoenixcontact Automationworx Software Suite
9.8
CVSSv3
CVE-2017-5159
An issue exists on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default value.
Phoenixcontact Mguard Firmware 8.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »