CVE-2022-3461
published 2022-11-15CVE-2022-3461: In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phoenix_contact | config | <= 1.89 | — |
| phoenix_contact | pc_worx | <= 1.89 | — |
| phoenix_contact | pc_worx_express | <= 1.89 | — |
| phoenixcontact | automationworx_software_suite | — | — |