VYPR
Unrated severityNVD Advisory· Published Dec 14, 2023· Updated Oct 1, 2024

PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check

CVE-2023-46144

Description

A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.

Affected products

9
  • Phoenixcontact/AXC F 2152cpe-rescue3 versions
    0+ 2 more
    • (no CPE)range: 0
    • (no CPE)range: 0
    • (no CPE)range: 0
  • PHOENIX CONTACT/BPC 9102Sv5
    Range: 0
  • PHOENIX CONTACT/EPC 1502v5
    Range: 0
  • PHOENIX CONTACT/EPC 1522v5
    Range: 0
  • PHOENIX CONTACT/RFC 4072Rv5
    Range: 0
  • PHOENIX CONTACT/RFC 4072Sv5
    Range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.