Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution
Vulnerability Description
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Phoenix Contact PC Worx和Worx Express 缓冲区错误漏洞
Vulnerability Description
Phoenix Contact PC Worx和Phoenix Contact PC Worx Express都是德国菲尼克斯电气(Phoenix Contact)公司的一套用于PLC(可编程逻辑控制器)的编程软件。 Phoenix Contact PC Worx和PC Worx Express 1.87及之前版本中的mwe文件解析存在缓冲区错误漏洞,该漏洞源于程序未充分验证输入数据。远程攻击者可利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A