| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-34559 | A vulnerability in WirelessHART-Gateway <= 3.0.8 may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings | Phoenix Contact | WHA-GW-F2D2-0-AS- Z2-ETH | Medium | 5.4 | 2021-08-31 10:32:54 | Deep Dive |
| CVE-2021-33555 | A vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-Gateway | Phoenix Contact | WHA-GW-F2D2-0-AS- Z2-ETH | High | 7.5 | 2021-08-31 10:32:53 | Deep Dive |
| CVE-2021-33541 | Phoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerability | Phoenix Contact | ILC1x | High | 7.5 | 2021-06-25 18:26:06 | Deep Dive |
| CVE-2021-33542 | Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability | Phoenix Contact | Automation Worx Software Suite | High | 7.8 | 2021-06-25 18:26:06 | Deep Dive |
| CVE-2021-33540 | Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices | Phoenix Contact | AXL F BK | High | 7.3 | 2021-06-25 18:26:05 | Deep Dive |
| CVE-2021-21005 | Race Condition Vulnerability in Phoenix Contact FL SWITCH SMCS series products | Phoenix Contact | FL SWITCH | High | 7.5 | 2021-06-25 18:25:53 | Deep Dive |
| CVE-2021-21004 | Cross-site Scripting Vulnerability in Phoenix Contact FL SWITCH SMCS series products | Phoenix Contact | FL SWITCH | High | 7.4 | 2021-06-25 18:25:52 | Deep Dive |
| CVE-2021-21003 | Denial of Service Vulnerability in Phoenix Contact FL SWITCH SMCS series products | Phoenix Contact | FL SWITCH | Medium | 5.3 | 2021-06-25 18:25:51 | Deep Dive |
| CVE-2021-21002 | Denial of Service in Phoenix Contact FL COMSERVER UNI products | Phoenix Contact | FL COMSERVER | High | 7.5 | 2021-06-25 18:25:50 | Deep Dive |
| CVE-2020-12519 | Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges. | Phoenix Contact | AXC F 1152 (1151412) | High | 8.8 | 2020-12-17 22:43:15 | Deep Dive |
| CVE-2020-12521 | Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack. | Phoenix Contact | AXC F 1152 (1151412) | Medium | 6.5 | 2020-12-17 22:43:15 | Deep Dive |
| CVE-2020-12523 | Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration | Phoenix Contact | TC MGUARD RS4000 4G VZW VPN (1010461) | Medium | 5.4 | 2020-12-17 22:43:15 | Deep Dive |
| CVE-2020-12517 | Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation). | Phoenix Contact | AXC F 1152 (1151412) | High | 8.8 | 2020-12-17 22:43:14 | Deep Dive |
| CVE-2020-12518 | Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks. | Phoenix Contact | AXC F 1152 (1151412) | Medium | 5.5 | 2020-12-17 22:43:14 | Deep Dive |
| CVE-2020-12524 | Phoenix Contact BTP Touch Panels uncontrolled resource consumption | Phoenix Contact | BTP Touch Panel | High | 7.5 | 2020-12-02 14:39:20 | Deep Dive |
| CVE-2020-12499 | PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier: Improper path sanitation vulnerability. | PHOENIX CONTACT | PLCnext Engineer | High | 8.2 | 2020-07-21 15:09:40 | Deep Dive |
| CVE-2020-12497 | Phoenix Contact Automation Worx <= 1.87: stack-based overflow | Phoenix Contact | Automation Worx | High | 7.8 | 2020-07-01 15:52:35 | Deep Dive |
| CVE-2020-12498 | Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution | Phoenix Contact | Automation Worx | High | 7.8 | 2020-07-01 15:52:35 | Deep Dive |
| CVE-2019-10953 | 多款PLC产品资源管理错误漏洞 | - | ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers | 高危 | - | 2019-04-17 14:02:15 | Deep Dive |
| CVE-2016-8366 | Phoenix Contact ILC PLC 信任管理漏洞 | Phoenix Contact | Phoenix Contact ILC PLCs | 高危 | - | 2018-04-05 16:00:00 | Deep Dive |