CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

phoenixcontact

ilc1x0_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2023-46141

CRITICAL9.8

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.

phoenixcontact / automationworx_software_suite+17

Network

Published Dec 14, 2023

CVE-2022-31800

CRITICAL9.8

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

phoenixcontact / axc_1050_firmware+16

Network

Published Jun 21, 2022

CVE-2021-33541

HIGH7.5

Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of service on the PLC's network communication module. A successful attack stops all network communication. To restore the network connectivity the device needs to be restarted. The automation task is not affected.

phoenixcontact / ilc1x0_firmware+1

Network

Published Jun 25, 2021

CVE-2023-46143

HIGH7.5

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.

phoenixcontact / automationworx_software_suite+17

Network

Published Dec 14, 2023