Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46141

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.

Published

2023-12-14T14:15:42.767

Last Modified

2024-11-21T08:27:57.923

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-732

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	phoenixcontact	automationworx_software_suite	*	Yes
Operating System	phoenixcontact	axc_1050_firmware	*	Yes
Hardware	phoenixcontact	axc_1050	-	No
Operating System	phoenixcontact	axc_1050_xc_firmware	*	Yes
Hardware	phoenixcontact	axc_1050_xc	-	No
Operating System	phoenixcontact	axc_3050_firmware	*	Yes
Hardware	phoenixcontact	axc_3050	-	No
Application	phoenixcontact	config\+	*	Yes
Operating System	phoenixcontact	fc_350_pci_eth_firmware	*	Yes
Hardware	phoenixcontact	fc_350_pci_eth	-	No
Operating System	phoenixcontact	ilc1x0_firmware	*	Yes
Hardware	phoenixcontact	ilc1x0	-	No
Operating System	phoenixcontact	ilc1x1_firmware	*	Yes
Hardware	phoenixcontact	ilc1x1	-	No
Operating System	phoenixcontact	ilc_3xx_firmware	*	Yes
Hardware	phoenixcontact	ilc_3xx	-	No
Application	phoenixcontact	pc_worx	*	Yes
Application	phoenixcontact	pc_worx_express	*	Yes
Operating System	phoenixcontact	pc_worx_rt_basic_firmware	*	Yes
Hardware	phoenixcontact	pc_worx_rt_basic	-	No
Application	phoenixcontact	pc_worx_srt	*	Yes
Operating System	phoenixcontact	rfc_430_eth-ib_firmware	*	Yes
Hardware	phoenixcontact	rfc_430_eth-ib	-	No
Operating System	phoenixcontact	rfc_450_eth-ib_firmware	*	Yes
Hardware	phoenixcontact	rfc_450_eth-ib	-	No
Operating System	phoenixcontact	rfc_460r_pn_3tx_firmware	*	Yes
Hardware	phoenixcontact	rfc_460r_pn_3tx	-	No
Operating System	phoenixcontact	rfc_470s_pn_3tx_firmware	*	Yes
Hardware	phoenixcontact	rfc_470s_pn_3tx	-	No
Operating System	phoenixcontact	rfc_480s_pn_4tx_firmware	*	Yes
Hardware	phoenixcontact	rfc_480s_pn_4tx	-	No

References

https://cert.vde.com/en/advisories/VDE-2023-055/ Third Party Advisory ([email protected])
https://cert.vde.com/en/advisories/VDE-2023-055/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)