Known Vulnerabilities for products from Phoenixcontact
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phoenixcontact".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Phoenixcontact can be found at device.report : Phoenixcontact
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22509 | In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to e... | 8.8 - HIGH | 2022-02-02 | 2022-02-05 |
| CVE-2021-34598 | In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by... | 7.5 - HIGH | 2021-11-10 | 2022-07-28 |
| CVE-2021-34597 | Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an atta... | 7.8 - HIGH | 2021-11-04 | 2021-11-08 |
| CVE-2021-34582 | In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML cod... | 4.8 - MEDIUM | 2021-11-10 | 2022-07-28 |
| CVE-2021-34579 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-11-09 | 2022-11-15 |
| CVE-2021-34570 | Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special ... | 7.5 - HIGH | 2021-09-27 | 2022-07-28 |
| CVE-2021-33542 | Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulne... | 7 - HIGH | 2021-06-25 | 2021-09-20 |
| CVE-2021-33541 | Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulne... | 7.5 - HIGH | 2021-06-25 | 2021-07-02 |
| CVE-2021-33540 | In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access t... | 7.3 - HIGH | 2021-06-25 | 2021-07-02 |
| CVE-2021-21005 | In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with th... | 7.5 - HIGH | 2021-06-25 | 2021-07-01 |
| CVE-2021-21004 | In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames ... | 6.1 - MEDIUM | 2021-06-25 | 2021-07-02 |
| CVE-2021-21003 | In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service o... | 5.3 - MEDIUM | 2021-06-25 | 2021-07-01 |
| CVE-2021-21002 | In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of ... | 7.5 - HIGH | 2021-06-25 | 2021-07-01 |
| CVE-2020-12524 | Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in al... | 7.5 - HIGH | 2020-12-02 | 2020-12-04 |
| CVE-2020-12523 | On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in th... | 9.1 - CRITICAL | 2020-12-17 | 2020-12-21 |
| CVE-2020-12521 | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high syst... | 6.5 - MEDIUM | 2020-12-17 | 2020-12-21 |
| CVE-2020-12519 | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a r... | 9.8 - CRITICAL | 2020-12-17 | 2020-12-21 |
| CVE-2020-12518 | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the... | 5.5 - MEDIUM | 2020-12-17 | 2020-12-21 |
| CVE-2020-12517 | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malici... | 9 - CRITICAL | 2020-12-17 | 2020-12-21 |
| CVE-2020-12499 | In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import o... | 7.3 - HIGH | 2020-07-21 | 2020-08-05 |
Known software with vulnerabilities from Phoenixcontact
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Phoenixcontact | Axl F Bk Eth | - |
| Operating System | Phoenixcontact | Axl F Bk Eth Firmware | - |
| Hardware | Phoenixcontact | Axl F Bk Eth Xc | - |
| Operating System | Phoenixcontact | Axl F Bk Eth Xc Firmware | - |
| Hardware | Phoenixcontact | Axl F Bk Pn | - |
| Operating System | Phoenixcontact | Axl F Bk Pn Firmware | - |
| Application | Phoenixcontact | Config | - |
| Application | Phoenixcontact | Pc Worx | - |
| Application | Phoenixcontact | Pc Worx Express | - |
| Application | Phoenixcontact | Pc Worx Srt | - |
| Application | Phoenixcontact | Plcnext Engineer | - |
| Hardware | Phoenixcontact | Tc Cloud Client 1002-4g | - |
| Operating System | Phoenixcontact | Tc Cloud Client 1002-4g Firmware | 2.03.17 |
| Hardware | Phoenixcontact | Tc Cloud Client 1002-txtx | - |
| Operating System | Phoenixcontact | Tc Cloud Client 1002-txtx Firmware | 1.03.17 |
| Hardware | Phoenixcontact | Tc Router 2002t-3g | - |
| Operating System | Phoenixcontact | Tc Router 2002t-3g Firmware | 2.05.3 |
| Hardware | Phoenixcontact | Tc Router 3002t-4g | - |
| Hardware | Phoenixcontact | Tc Router 3002t-4g Att | - |
| Operating System | Phoenixcontact | Tc Router 3002t-4g Att Firmware | 2.05.3 |