VYPR

ILC PLCs

by Phoenixcontact

CVEs (3)

  • CVE-2016-8380HigApr 5, 2018
    risk 0.51cvss 7.3epss 0.11

    The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.

  • CVE-2016-8371HigApr 5, 2018
    risk 0.51cvss 7.3epss 0.11

    The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

  • CVE-2016-8366HigApr 5, 2018
    risk 0.51cvss 7.3epss 0.06

    Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text.