Phoenix Contact Plcnext Engineer vulnerabilities
3 known vulnerabilities affecting phoenix_contact/plcnext_engineer.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-46142HIGHCVSS 8.8≤ 2024.02023-12-14
CVE-2023-46142 [HIGH] CWE-732 CVE-2023-46142: A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
cvelistv5nvd
CVE-2023-46144MEDIUMCVSS 6.5≤ 2024.02023-12-14
CVE-2023-46144 [MEDIUM] CWE-494 CVE-2023-46144: A download of code without integrity check vulnerability in PLCnext products allows an remote attack
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
cvelistv5nvd
CVE-2020-12499HIGHCVSS 7.3≥ unspecified, ≤ 2020.3.12020-07-21
CVE-2020-12499 [HIGH] CWE-22 CVE-2020-12499: In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnera
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
cvelistv5nvd