• 1
  • 2 (current)

PHOENIX CONTACT: Niche Ethernet Stack for ILC1x0, ILC1x1 and AXC 1050 Industrial controllers and CHARX control DC

Third party Niche Ethernet stack has several vulnerabilities announced by the security researcher’s community.
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a Denial of Service or a Breach of Integrity of the PLC.


CVE-2020-35685: 9.1
CVE-2021-31401: 7.5
CVE-2021-31400: 7.5
CVE-2020-35684: 7.5
CVE-2020-35683: 7.5
CVE-2021-31227: 7.5

PHOENIX CONTACT: Products utilizing WIBU SYSTEMS CodeMeter components in versions prior to V7.21a

Please consult the CVE entries above for more details.


CVE-2021-20994: 6.1
CVE-2021-20993: 5.3
  • 1
  • 2 (current)

Feeds

Nach Hersteller

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Legende

(Scoring für CVSS 2.0,3.0+3.1)
keine
Kein CVE verfügbar
Niedrig
0.1 <= 3.9
Mittel
4.0 <= 6.9
Hoch
7.0 <= 8.9
Kritisch
9.0 <= 10.0