Skip to main content

Automationworx Software Suite

7 CVEs product

Monthly

CVE-2023-46143 HIGH This Week

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware Axc 1050 Xc Firmware Axc 3050 Firmware +14
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-46141 CRITICAL Act Now

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware Axc 1050 Xc Firmware Axc 3050 Firmware +14
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-3737 HIGH This Week

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Automationworx Software Suite
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3461 HIGH This Week

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Automationworx Software Suite
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-12870 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.7%
CVE-2019-12869 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Information Disclosure Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.8%
CVE-2019-12871 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.7%
EPSS 0% CVSS 7.5
HIGH This Week

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware +16
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Automationworx Software Suite Axc 1050 Firmware +16
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Automationworx Software Suite
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Automationworx Software Suite
NVD
EPSS 4% CVSS 8.8
HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption +1
NVD
EPSS 4% CVSS 8.8
HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft +2
NVD
EPSS 4% CVSS 8.8
HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy