CVE-2023-46142
published 2023-12-14CVE-2023-46142: A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phoenix_contact | axc_f_1152 | <= 2024.0 | — |
| phoenix_contact | axc_f_2152 | <= 2024.0 | — |
| phoenix_contact | axc_f_3152 | <= 2024.0 | — |
| phoenix_contact | bpc_9102s | <= 2024.0 | — |
| phoenix_contact | epc_1502 | <= 2024.0 | — |
| phoenix_contact | epc_1522 | <= 2024.0 | — |
| phoenix_contact | plcnext_engineer | <= 2024.0 | — |
| phoenix_contact | rfc_4072r | <= 2024.0 | — |
| phoenix_contact | rfc_4072s | <= 2024.0 | — |
| phoenixcontact | axc_f_1152_firmware | <= 2024.0 | — |
| phoenixcontact | axc_f_2152_firmware | <= 2024.0 | — |
| phoenixcontact | axc_f_3152_firmware | <= 2024.0 | — |
| phoenixcontact | bpc_9102s_firmware | <= 2024.0 | — |
| phoenixcontact | epc_1502_firmware | <= 2024.0 | — |
| phoenixcontact | epc_1522_firmware | <= 2024.0 | — |
| phoenixcontact | plcnext_engineer | <= 2024.0 | — |
| phoenixcontact | rfc_4072r_firmware | <= 2024.0 | — |
| phoenixcontact | rfc_4072s_firmware | <= 2024.0 | — |