MEDIUM🇬🇧 English

CVE-2023-46144

CVSS 6.5v3.1pub. 2023-12-14upd. 2024-11-21

A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • Phoenixcontact Axc F 1152

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Axc F 1152 Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Axc F 2152

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Axc F 2152 Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Axc F 3152

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Axc F 3152 Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Bpc 9102s

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Bpc 9102s Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Epc 1502

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Epc 1502 Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Epc 1522

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Epc 1522 Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Plcnext Engineer

    APP
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Rfc 4072r

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Rfc 4072r Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
  • Phoenixcontact Rfc 4072s

    HW
    Phoenixcontact
    wszystkie wersje
  • Phoenixcontact Rfc 4072s Firmware

    OS
    Phoenixcontact
    ≤ 2024.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-3935CRITICAL9.8ten sam produkt

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an u...

CVE-2023-46142HIGH8.8ten sam produkt

A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote att...

CVE-2021-34570HIGH7.5ten sam produkt

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack t...

CVE-2020-12519HIGH8.8ten sam produkt

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i...

CVE-2020-12517HIGH8.8ten sam produkt

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user cou...