Phoenixcontact Axc F 2152 Starterkit Firmware vulnerabilities
3 known vulnerabilities affecting phoenixcontact/axc_f_2152_starterkit_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-34570HIGHCVSS 7.5fixed in 2021.0.52021-09-27
CVE-2021-34570 [HIGH] CWE-20 CVE-2021-34570: Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a Do
Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.
nvd
CVE-2019-10998MEDIUMCVSS 6.8fixed in 2019.0_lts2019-06-18
CVE-2019-10998 [MEDIUM] CWE-287 CVE-2019-10998: An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.
nvd
CVE-2019-10997MEDIUMCVSS 5.9fixed in 2019.0_lts2019-06-17
CVE-2019-10997 [MEDIUM] CVE-2019-10997: An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.
nvd