PHOENIX CONTACT — Vulnerabilities & Security Advisories 142

Browse all 142 CVE security advisories affecting PHOENIX CONTACT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-2813	HTTP Service DoS Vulnerability — AXL F BK PN TPSCWE-770	7.5	High	2025-07-31
CVE-2025-41668	Phoenix Contact: File access due to the replacement of a critical file used by the service security-profile — AXC F 1152CWE-59	8.8	High	2025-07-08
CVE-2025-41667	Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script — AXC F 1152CWE-59	8.8	High	2025-07-08
CVE-2025-41666	Phoenix Contact: File access due to the replacement of a critical file used by the watchdog — AXC F 1152CWE-59	8.8	High	2025-07-08
CVE-2025-41665	Phoenix Contact: DoS of the PLC due to incorrect default permissions possible — AXC F 1152CWE-276	6.5	Medium	2025-07-08
CVE-2025-25271	OCPP Backend Configuration via Insecure Defaults — CHARX SEC-3150CWE-1188	8.8	High	2025-07-08
CVE-2025-25270	Remote Code Execution via Unauthenticated Configuration Manipulation — CHARX SEC-3150CWE-913	9.8	Critical	2025-07-08
CVE-2025-25269	Local Privilege Escalation via Unauthenticated Command Injection — CHARX SEC-3150CWE-78	8.4	High	2025-07-08
CVE-2025-25268	Unauthenticated Configuration Access via Exposed API Endpoint — CHARX SEC-3150CWE-306	8.8	High	2025-07-08
CVE-2025-24006	Privilege Escalation via Insecure SSH Permissions — CHARX SEC-3150CWE-269	7.8	High	2025-07-08
CVE-2025-24005	Local Privilege Escalation via Vulnerable SSH Script — CHARX SEC-3150CWE-20	7.8	High	2025-07-08
CVE-2025-24004	USB-C Buffer Overflow via Display Interface in EV Charging Stations — CHARX SEC-3150CWE-120	5.2	Medium	2025-07-08
CVE-2025-24003	MQTT OOB Write Vulnerability in EichrechtAgents of German EV Charging Stations — CHARX SEC-3150CWE-120	8.2	High	2025-07-08
CVE-2025-24002	MQTT DoS Vulnerability in German EV Charging Stations — CHARX SEC-3150CWE-20	5.3	Medium	2025-07-08
CVE-2018-25112	PHOENIX CONTACT: ILC 1x1 ETH Denial of Service — ILC 131CWE-770	7.5	High	2025-06-04
CVE-2024-11497	Phoenix Contact: CHARX-SEC3xxx Charge controllers vulnerable to privilege escalation — CHARX SEC-3000CWE-732	8.8	High	2025-01-14
CVE-2024-43393	Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices — FL MGUARD 2102CWE-94	8.1	High	2024-09-10
CVE-2024-43392	Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices — FL MGUARD 2102CWE-94	8.1	High	2024-09-10
CVE-2024-43391	Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices — FL MGUARD 2102CWE-94	8.1	High	2024-09-10
CVE-2024-43390	Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices — FL MGUARD 2102CWE-94	8.1	High	2024-09-10
CVE-2024-43389	Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices — FL MGUARD 2102CWE-94	8.1	High	2024-09-10
CVE-2024-43388	Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices — FL MGUARD 2102CWE-94	8.8	High	2024-09-10
CVE-2024-43387	Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices — FL MGUARD 2102CWE-78	8.8	High	2024-09-10
CVE-2024-43386	Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices. — FL MGUARD 2102CWE-78	8.8	High	2024-09-10
CVE-2024-43385	Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices — FL MGUARD 2102CWE-78	8.8	High	2024-09-10
CVE-2024-7699	Phoenix Contact: OS command execution in MGUARD products — FL MGUARD 2102CWE-78	8.8	High	2024-09-10
CVE-2024-7698	Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products — FL MGUARD 2102CWE-201	5.7	Medium	2024-09-10
CVE-2024-7734	Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. — FL MGUARD 2102CWE-770	5.3	Medium	2024-09-10
CVE-2024-6788	Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password — CHARX SEC-3000CWE-1392	8.6	High	2024-08-13
CVE-2024-3913	Phoenix Contact: Start sequence allows attack during the boot process — CHARX SEC-3000 (1139022)CWE-552	5.9	Medium	2024-08-13

This page lists every published CVE security advisory associated with PHOENIX CONTACT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

PHOENIX CONTACT — Vulnerabilities & Security Advisories 142