Skip to main content

Plcnext Engineer

4 CVEs product

Monthly

CVE-2023-46144 MEDIUM This Month

A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Axc F 1152 Firmware Axc F 2152 Firmware Axc F 3152 Firmware Bpc 9102S Firmware +5
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-46142 HIGH This Week

A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Axc F 1152 Firmware Axc F 2152 Firmware Axc F 3152 Firmware Bpc 9102S Firmware +5
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-3935 CRITICAL Act Now

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Codemeter Runtime Oseon Programmingtube +21
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-12499 HIGH This Week

In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Plcnext Engineer
NVD
CVSS 3.1
7.3
EPSS
0.4%
EPSS 0% CVSS 6.5
MEDIUM This Month

A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Axc F 1152 Firmware Axc F 2152 Firmware +7
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Axc F 1152 Firmware Axc F 2152 Firmware +7
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Codemeter Runtime +23
NVD
EPSS 0% CVSS 7.3
HIGH This Week

In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Plcnext Engineer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy