Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.


CVE-2025-24003: 8.2
CVE-2025-24005: 7.8
CVE-2025-24006: 7.8
CVE-2025-24002: 5.3
CVE-2025-24004: 5.2

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple vulnerabilities in the PLCnext system allowed low-privileged remote attackers to gain unauthorized access or trigger system reboots by manipulating configuration files and symbolic links. Affected services include watchdog, arp-preinit, and security-profile, potentially exposing critical system files. These issues have been resolved in firmware version 2025.0.2.


CVE-2025-41666: 8.8
CVE-2025-41667: 8.8
CVE-2025-41668: 8.8
CVE-2025-41665: 6.5

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2


CVE-2024-12084: 9.8
CVE-2024-52533: 9.8
CVE-2025-0665: 9.8
CVE-2024-5535: 9.1
CVE-2024-38428: 9.1
CVE-2024-5594: 9.1
CVE-2024-6345: 8.8
CVE-2025-24965: 8.1
CVE-2018-1000156: 7.8
CVE-2019-13638: 7.8
CVE-2018-20969: 7.8
CVE-2018-1000035: 7.8
CVE-2018-6952: 7.5
CVE-2024-6232: 7.5
CVE-2024-25062: 7.5
CVE-2024-6119: 7.5
CVE-2024-12705: 7.5
CVE-2024-12085: 7.5
CVE-2024-8176: 7.5
CVE-2018-6951: 7.5
CVE-2015-7696: 6.8
CVE-2025-26465: 6.8
CVE-2024-5742: 6.7
CVE-2024-12087: 6.5
CVE-2024-10524: 6.5
CVE-2024-12088: 6.5
CVE-2024-12086: 6.1
CVE-2019-13636: 5.9
CVE-2024-50602: 5.9
CVE-2024-9681: 5.9
CVE-2025-26466: 5.9
CVE-2024-9287: 5.8
CVE-2024-12747: 5.6
CVE-2022-0529: 5.5
CVE-2019-20633: 5.5
CVE-2024-0684: 5.5
CVE-2022-0530: 5.5
CVE-2018-18384: 5.5
CVE-2024-9341: 5.4
CVE-2023-27043: 5.3
CVE-2024-12133: 5.3
CVE-2020-16120: 5.1
CVE-2024-10918: 4.8
CVE-2023-7256: 4.4
CVE-2024-8006: 4.4
CVE-2024-28882: 4.3
CVE-2024-9143: 4.3
CVE-2015-7697: 4.3
CVE-2016-9844: 4.0
CVE-2024-11053: 3.4
CVE-2025-0167: 3.4
CVE-2019-13232: 3.3
CVE-2021-4217: 3.3
CVE-2025-27113: 2.9

Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

Multiple vulnerabilities in the firmware of CHARX SEC-3xxx charging controllers have been discovered.


CVE-2025-25270: 9.8
CVE-2025-25268: 8.8
CVE-2025-25271: 8.8
CVE-2025-25269: 8.4

Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers

A denial of service (DoS) attack targeting port 80 (http service) can overload the device (CWE-770). This behaviour has been observed when running network security scanners.


CVE-2025-2813: 7.5

Phoenix Contact: Security Advisory for ESL Stick USB-A

A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as complex: potential attackers need physical access and require special equipment to exploit the vulnerability. In general, this vulnerability affects only ECC keys used to calculate signatures with the ECDSA algorithm.


CVE-2024-45678: 4.2

Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers

Improper file permission handling allows an authenticated low privileged user to gain root access.


CVE-2024-11497: 8.8

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS


CVE-2024-32002: 9.0
CVE-2024-6387: 8.1
CVE-2024-39894: 7.5
CVE-2024-2511: 5.9
CVE-2024-4741: 5.6
CVE-2024-4603: 5.3

Feeds

By Vendor

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0