VDE-2019-020
Mai 22, 2025, 3:03 nachm.
PHOENIX CONTACT: improper access control exists on FL NAT devices when using MAC-based port security
If MAC-based port security or 802.1x port security is enabled, the FL NAT 2xxx will unintentionally grant access to unauthorized devices in case of routed transmission. ''' Subnet 2---(Ports belonging …
VDE-2019-016
Mai 14, 2025, 2:28 nachm.
Manipulated PC Worx or Config+ projects could lead to a remote code execution due to insufficient input data validation. The attacker needs to get access to an original PC Worx …
VDE-2019-015
Juli 11, 2025, 9:00 vorm.
Phoenix Contact Classic Line industrial controllers (ILC1x0 and ILC1x1 product families as well as the AXIOLINE controllers AXC1050 and AXC3050) are developed and designed for the use in closed industrial …
VDE-2019-014
Mai 14, 2025, 2:28 nachm.
A manipulated PC Worx or Config+ project file could lead to a remote code execution.\ The attacker needs to get access to an original PC Worx or Config+ project file …
VDE-2019-009
Mai 22, 2025, 3:03 nachm.
Multiple vulnerabilities have been identified in PHOENIX CONTACT AXC F 2152 with firmware versions 1.x
VDE-2019-007
Mai 14, 2025, 2:28 nachm.
A WebHMI utility may be exploited by any logged in user allowing the execution of arbitrary OS commands on the server. This provides the opportunity for a command injection attack.
VDE-2019-006
Mai 14, 2025, 2:28 nachm.
After login the source IP is used as the session identifier, so that users sharing the same source IP are able to gain full authenticated access to the WEB-UI. The …
VDE-2019-003
Mai 14, 2025, 3:00 nachm.
Multiple vulnerabilities for MEVIEW3 have been identified in PHOENIX CONTACT MEVIEW3, versions below 3.14.25 and 3.15.18