Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Phoenix Contact — Vulnerabilities & Security Advisories 142

Browse all 142 CVE security advisories affecting Phoenix Contact. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Phoenix Contact:FL SWITCH 2005CHARX SEC-3000WP 6070-WVPSFL MGUARD 2102CHARX SEC-3150WHA-GW-F2D2-0-AS- Z2-ETHAXC F 1152QUINT4-UPS/24DC/24DC/5/EIPAXC F 1152 (1151412)Phoenix Contact ILC PLCsFL SWITCHAutomation Worx Software SuiteMULTIPROGFL MGUARDAutomation WorxCLOUD CLIENT 1101T-TX/TXConfig+RAD-ISM-900-EN-BD/BENERGY AXC PU (1264327)CHARX SEC-3000 (1139022)ILC 131TC ROUTER 3002T-3GAXL F BK PN TPSDaUMProConOsFL MGUARD CENTERPORTILC 1x0PC WorxFL MGUARD DM (2981974)AXC F
CVE IDTitleCVSSSeverityPublished
CVE-2021-34559 A vulnerability in WirelessHART-Gateway <= 3.0.8 may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings — WHA-GW-F2D2-0-AS- Z2-ETHCWE-444 5.4 Medium2021-08-31
CVE-2021-33555 A vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-Gateway — WHA-GW-F2D2-0-AS- Z2-ETHCWE-22 7.5 High2021-08-31
CVE-2021-33541 Phoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerability — ILC1xCWE-770 7.5 High2021-06-25
CVE-2021-33542 Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability — Automation Worx Software SuiteCWE-824 7.8 High2021-06-25
CVE-2021-33540 Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices — AXL F BKCWE-798 7.3 High2021-06-25
CVE-2021-21005 Race Condition Vulnerability in Phoenix Contact FL SWITCH SMCS series products — FL SWITCHCWE-362 7.5 High2021-06-25
CVE-2021-21004 Cross-site Scripting Vulnerability in Phoenix Contact FL SWITCH SMCS series products — FL SWITCHCWE-79 7.4 High2021-06-25
CVE-2021-21003 Denial of Service Vulnerability in Phoenix Contact FL SWITCH SMCS series products — FL SWITCHCWE-404 5.3 Medium2021-06-25
CVE-2021-21002 Denial of Service in Phoenix Contact FL COMSERVER UNI products — FL COMSERVERCWE-772 7.5 High2021-06-25
CVE-2020-12519 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges. — AXC F 1152 (1151412)CWE-269 8.8 High2020-12-17
CVE-2020-12521 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack. — AXC F 1152 (1151412)CWE-20 6.5 Medium2020-12-17
CVE-2020-12523 Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration — TC MGUARD RS4000 4G VZW VPN (1010461)CWE-909 5.4 Medium2020-12-17
CVE-2020-12517 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation). — AXC F 1152 (1151412)CWE-79 8.8 High2020-12-17
CVE-2020-12518 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks. — AXC F 1152 (1151412)CWE-200 5.5 Medium2020-12-17
CVE-2020-12524 Phoenix Contact BTP Touch Panels uncontrolled resource consumption — BTP Touch PanelCWE-400 7.5 High2020-12-02
CVE-2020-12499 PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier: Improper path sanitation vulnerability. — PLCnext EngineerCWE-22 8.2 High2020-07-21
CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow — Automation WorxCWE-121 7.8 High2020-07-01
CVE-2020-12498 Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution — Automation WorxCWE-121 7.8 High2020-07-01
CVE-2016-8366 Phoenix Contact ILC PLC 信任管理漏洞 — Phoenix Contact ILC PLCsCWE-312 7.3 -2018-04-05
CVE-2016-8371 Phoenix Contact ILC PLC 授权问题漏洞 — Phoenix Contact ILC PLCsCWE-592 6.5 -2018-04-05
CVE-2016-8380 Phoenix Contact ILC PLC 授权问题漏洞 — Phoenix Contact ILC PLCsCWE-767 7.3 -2018-04-05
CVE-2014-9195 Phoenix Contact Software ProConOs and MultiProg Missing Authentication for Critical Function — ProConOsCWE-306 9.8 -2015-01-17

This page lists every published CVE security advisory associated with Phoenix Contact. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.