Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Phoenix Contact — Vulnerabilities & Security Advisories 142

Browse all 142 CVE security advisories affecting Phoenix Contact. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Phoenix Contact:FL SWITCH 2005CHARX SEC-3000WP 6070-WVPSFL MGUARD 2102CHARX SEC-3150WHA-GW-F2D2-0-AS- Z2-ETHAXC F 1152QUINT4-UPS/24DC/24DC/5/EIPAXC F 1152 (1151412)Phoenix Contact ILC PLCsFL SWITCHAutomation Worx Software SuiteMULTIPROGFL MGUARDAutomation WorxCLOUD CLIENT 1101T-TX/TXConfig+RAD-ISM-900-EN-BD/BENERGY AXC PU (1264327)CHARX SEC-3000 (1139022)ILC 131TC ROUTER 3002T-3GAXL F BK PN TPSDaUMProConOsFL MGUARD CENTERPORTILC 1x0PC WorxFL MGUARD DM (2981974)AXC F
CVE IDTitleCVSSSeverityPublished
CVE-2024-28137 PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series — CHARX SEC-3000CWE-367 7.8 High2024-05-14
CVE-2024-28136 PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service — CHARX SEC-3000CWE-77 7.8 High2024-05-14
CVE-2024-28135 PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series — CHARX SEC-3000CWE-77 5.0 Medium2024-05-14
CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series — CHARX SEC-3000CWE-319 7.0 High2024-05-14
CVE-2024-28133 PHOENIX CONTACT: Privilege escalation in CHARX Series — CHARX SEC-3000CWE-426 7.8 High2024-05-14
CVE-2024-26288 PHOENIX CONTACT: Lack of SSL support in CHARX Series — CHARX SEC-3000CWE-319 8.7 High2024-03-12
CVE-2024-26005 PHOENIX CONTACT: Privilege gain through incomplete cleanup in CHARX Series — CHARX SEC-3000CWE-459 4.8 Medium2024-03-12
CVE-2024-26004 PHOENIX CONTACT: DoS of a control agent due to access of a uninitialized pointer in CHARX Series — CHARX SEC-3000CWE-824 7.5 High2024-03-12
CVE-2024-26003 PHOENIX CONTACT: DoS of the control agent in CHARX Series — CHARX SEC-3000CWE-125 7.5 High2024-03-12
CVE-2024-26002 PHOENIX CONTACT: File ownership manipulation in CHARX Series — CHARX SEC-3000CWE-20 7.8 High2024-03-12
CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access — CHARX SEC-3000CWE-787 7.4 High2024-03-12
CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access — CHARX SEC-3000CWE-125 5.9 Medium2024-03-12
CVE-2024-25999 PHOENIX CONTACT: Privilege escalation in the OCPP agent service — CHARX SEC-3000CWE-20 8.4 High2024-03-12
CVE-2024-25998 PHOENIX CONTACT: Command injection in the OCPP Service — CHARX SEC-3000CWE-77 7.3 High2024-03-12
CVE-2024-25997 PHOENIX CONTACT: Log injection in CHARX Series — CHARX SEC-3000CWE-20 5.3 Medium2024-03-12
CVE-2024-25996 PHOENIX CONTACT: Remote code execution due to an origin validation error in CHARX Series — CHARX SEC-3000CWE-346 5.3 Medium2024-03-12
CVE-2024-25995 PHOENIX CONTACT: Remote code execution in CHARX Series — CHARX SEC-3000CWE-20 9.8 Critical2024-03-12
CVE-2024-25994 PHOENIX CONTACT: Unintended script file upload in CHARX Series — CHARX SEC-3000CWE-434 5.3 Medium2024-03-12
CVE-2023-46144 PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check — AXC F 1152CWE-494 6.5 Medium2023-12-14
CVE-2023-46143 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC — Automation Worx Software SuiteCWE-494 7.5 High2023-12-14
CVE-2023-46142 PHOENIX CONTACT: Insufficient Read and Write Protection to Logic and Runtime Data in PLCnext Control — AXC F 1152CWE-732 8.8 High2023-12-14
CVE-2023-46141 Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource — Automation Worx Software SuiteCWE-732 9.8 Critical2023-12-14
CVE-2023-5592 Phoenix Contact: ProConOs prone to Download of Code Without Integrity Check — MULTIPROGCWE-494 7.5 High2023-12-14
CVE-2023-0757 Phoenix Contact ProConOS prone to Incorrect Permission Assignment for Critical Resource — MULTIPROGCWE-732 9.8 Critical2023-12-14
CVE-2023-37858 PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels — WP 6070-WVPSCWE-311 4.9 Medium2023-08-09
CVE-2023-37857 PHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panels — WP 6070-WVPSCWE-798 3.8 Low2023-08-09
CVE-2023-37855 PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels — WP 6070-WVPSCWE-610 4.3 Medium2023-08-09
CVE-2023-37856 PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels — WP 6070-WVPSCWE-610 4.3 Medium2023-08-09
CVE-2023-37863 PHOENIX CONTACT: OS Command Injection in WP 6xxx Web panels — WP 6070-WVPSCWE-78 7.2 High2023-08-09
CVE-2023-37859 PHOENIX CONTACT: Improper Privilege Management in WP 6xxx Web panels — WP 6070-WVPSCWE-269 7.2 High2023-08-09

This page lists every published CVE security advisory associated with Phoenix Contact. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.