CVE-2023-46141
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| PHOENIX CONTACT | Automation Worx Software Suite | all | affected |
| PHOENIX CONTACT | AXC 1050 | all | affected |
| PHOENIX CONTACT | AXC 1050 XC | all | affected |
| PHOENIX CONTACT | AXC 3050 | all | affected |
| PHOENIX CONTACT | Config+ | all | affected |
| PHOENIX CONTACT | FC 350 PCI ETH | all | affected |
| PHOENIX CONTACT | ILC1x0 | all | affected |
| PHOENIX CONTACT | ILC1x1 | all | affected |
| PHOENIX CONTACT | ILC 3xx | all | affected |
| PHOENIX CONTACT | PC Worx | all | affected |
| PHOENIX CONTACT | PC Worx Express | all | affected |
| PHOENIX CONTACT | PC WORX RT BASIC | all | affected |
| PHOENIX CONTACT | PC WORX SRT | all | affected |
| PHOENIX CONTACT | RFC 430 ETH-IB | all | affected |
| PHOENIX CONTACT | RFC 450 ETH-IB | all | affected |
| PHOENIX CONTACT | RFC 460R PN 3TX | all | affected |
| PHOENIX CONTACT | RFC 470S PN 3TX | all | affected |
| PHOENIX CONTACT | RFC 480S PN 4TX | all | affected |
Weaknesses
- CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.