An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HPhoenixcontact Automationworx Software Suite
APPPhoenixcontact≤ 1.86
Powiązane podatności
Phoenix Contact: nieuprawniony zdalny dostęp do urządzeń linii klasycznej
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthen...
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could...
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended sco...
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ thr...