CVE-2023-46143: Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all…

high7.5CVSS 3.1

AVNACLPRNUINSUCNIHAN

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.

Affected

18 ranges

Vendor	Product	Version range	Fixed in
phoenix_contact	automation_worx_software_suite	—	—
phoenix_contact	axc_1050	—	—
phoenix_contact	axc_1050_xc	—	—
phoenix_contact	axc_3050	—	—
phoenix_contact	config	—	—
phoenix_contact	fc_350_pci_eth	—	—
phoenix_contact	ilc1x0	—	—
phoenix_contact	ilc1x1	—	—
phoenix_contact	ilc_3xx	—	—
phoenix_contact	pc_worx	—	—
phoenix_contact	pc_worx_express	—	—
phoenix_contact	pc_worx_rt_basic	—	—
phoenix_contact	pc_worx_srt	—	—
phoenix_contact	rfc_430_eth-ib	—	—
phoenix_contact	rfc_450_eth-ib	—	—
phoenix_contact	rfc_460r_pn_3tx	—	—
phoenix_contact	rfc_470s_pn_3tx	—	—
phoenix_contact	rfc_480s_pn_4tx	—	—