CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

phoenixcontact

axc_f_2152_starterkit_firmware

3 known vulnerabilities · sorted by CVSS score

CVE-2021-34570

HIGH7.5

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.

phoenixcontact / plcnext_technology_starterkit_firmware+5

Network

Published Sep 27, 2021

CVE-2019-10998

MEDIUM6.8

An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.

phoenixcontact / axc_f_2152_firmware+1

Physical

Published Jun 18, 2019

CVE-2019-10997

MEDIUM5.9

An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.

phoenixcontact / axc_f_2152_firmware+1

Network

Published Jun 17, 2019