Advisories

Show filters filter

Manufacturer

Scoring

For CVSS 2.0, 3.0 and 3.2

No CVE available

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2022-058

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Profinet SDK libexpat vulnerabilities

Two vulnerabilities have been discovered in the Expat XML parser library (aka libexpat). This open-source component is widely used in a lot of products worldwide. An attacker could cause a …

CVE-2022-40674

CVE-2022-43680

VDE-2022-051

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family

A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating …

CVE-2022-3480

VDE-2022-048

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities

Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.The attacker …

CVE-2022-3737

CVE-2022-3461

VDE-2022-046

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware

UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control …

CVE-2022-32207

CVE-2022-25315

CVE-2022-25236

CVE-2022-25235

CVE-2022-0547

CVE-2022-0729

CVE-2022-24407

CVE-2022-28391

CVE-2022-27778

CVE-2022-22576

CVE-2022-2257

CVE-2022-2206

CVE-2022-2264

CVE-2022-2288

CVE-2022-2289

CVE-2022-2286

CVE-2022-2284

CVE-2022-2285

CVE-2022-2345

CVE-2022-2344

CVE-2022-2210

CVE-2022-2207

CVE-2022-2343

CVE-2022-2183

CVE-2022-2182

CVE-2022-2175

CVE-2022-2129

CVE-2022-1942

CVE-2022-1927

CVE-2021-3973

CVE-2022-0368

CVE-2022-0361

CVE-2022-0685

CVE-2022-0572

CVE-2022-1160

CVE-2022-0943

CVE-2022-1154

CVE-2022-1720

CVE-2022-1898

CVE-2022-1851

CVE-2022-1886

CVE-2022-1785

CVE-2022-1769

CVE-2022-1735

CVE-2022-1629

CVE-2022-1619

CVE-2022-1616

CVE-2022-1621

CVE-2022-1796

CVE-2022-1733

CVE-2022-1381

CVE-2022-0778

CVE-2022-29864

CVE-2022-29862

CVE-2019-19906

CVE-2022-27775

CVE-2022-27781

CVE-2022-27780

CVE-2022-25314

CVE-2022-27782

CVE-2018-25032

CVE-2022-1620

CVE-2022-23308

CVE-2021-3796

CVE-2022-2287

CVE-2021-4166

CVE-2021-45117

CVE-2022-32206

CVE-2022-27776

CVE-2022-25313

CVE-2022-29824

CVE-2022-32208

CVE-2022-27774

CVE-2022-2231

CVE-2022-2208

CVE-2022-0714

CVE-2022-0696

CVE-2022-1771

CVE-2022-1674

CVE-2022-1420

CVE-2022-27779

CVE-2022-32205

CVE-2022-30115

VDE-2022-028

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR designed for use in closed industrial networks provide communication protocols without authentication. Please also refer the original ICS-CERT advisory ICSA-15-013-03 published 13 January 2015.

CVE-2014-9195

VDE-2022-026

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR insufficiently verifies uploaded data.

CVE-2022-31801

VDE-2022-025

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Vulnerability in classic line industrial controllers

The affected devices insufficiently verify uploaded data.

CVE-2022-31800

VDE-2022-018

May 11, 2022, 4:20 PM

PHOENIX CONTACT: Multiple vulnerabilities in RAD-ISM-900-EN-BD devices

Multiple vulnerabilities have been discovered in the firmware and in libraries utilized of RAD-ISM-900-EN-BD devices: In addition to the above listed CVEs the following issues were identified: Vulnerabilities related to …

CVE-2022-29898

CVE-2022-29897