VDE-2024-070 | CERT@VDE

2025-01-14 12:00 (CET) VDE-2024-070

Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers

Share: Email | Twitter

ID

VDE-2024-070

Published

2025-01-14 12:00 (CET)

Last update

2025-01-13 11:30 (CET)

Vendor(s)

PHOENIX CONTACT GmbH & Co. KG

Product(s)

Article No°	Product Name	Affected Version(s)
	CHARX SEC-3000	< 1.7.0
	CHARX SEC-3050	< 1.7.0
	CHARX SEC-3100	< 1.7.0
	CHARX SEC-3150	< 1.7.0

Summary

Improper file permission handling allows an authenticated low privileged user to gain root access.

CVE ID

CVE-2024-11497

Last Update:

Jan. 13, 2025, 11:22 a.m.

Severity

8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Weakness

Incorrect Permission Assignment for Critical Resource (CWE-732)

Summary

An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.

Details

certvde.com

Impact

This vulnerability allows the authenticated user "user-app" to gain root rights (privilege escalation).

Solution

Mitigation

Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to General Recommendation.

Remediation

Phoenix Contact strongly recommends upgrading affected charge controllers to firmware version 1.7.0 or higher which fixes this vulnerability.

Reported by

CERT@VDE coordinated with Phoenix Contact.

Finder: Tien Phan, Richard Jaletzki