← Volver a CVEs
CVE-2023-46141
CRITICAL9.8
Descripcion
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/14/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
phoenixcontact:automationworx_software_suitephoenixcontact:axc_1050phoenixcontact:axc_1050_firmwarephoenixcontact:axc_1050_xcphoenixcontact:axc_1050_xc_firmwarephoenixcontact:axc_3050phoenixcontact:axc_3050_firmwarephoenixcontact:config\+phoenixcontact:fc_350_pci_ethphoenixcontact:fc_350_pci_eth_firmwarephoenixcontact:ilc1x0phoenixcontact:ilc1x0_firmwarephoenixcontact:ilc1x1phoenixcontact:ilc1x1_firmwarephoenixcontact:ilc_3xxphoenixcontact:ilc_3xx_firmwarephoenixcontact:pc_worxphoenixcontact:pc_worx_expressphoenixcontact:pc_worx_rt_basicphoenixcontact:pc_worx_rt_basic_firmwarephoenixcontact:pc_worx_srtphoenixcontact:rfc_430_eth-ibphoenixcontact:rfc_430_eth-ib_firmwarephoenixcontact:rfc_450_eth-ibphoenixcontact:rfc_450_eth-ib_firmwarephoenixcontact:rfc_460r_pn_3txphoenixcontact:rfc_460r_pn_3tx_firmwarephoenixcontact:rfc_470s_pn_3txphoenixcontact:rfc_470s_pn_3tx_firmwarephoenixcontact:rfc_480s_pn_4txphoenixcontact:rfc_480s_pn_4tx_firmware
Debilidades (CWE)
CWE-732
Referencias
https://cert.vde.com/en/advisories/VDE-2023-055/(info@cert.vde.com)
https://cert.vde.com/en/advisories/VDE-2023-055/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.