CVE-2025-2813

Summary

An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80.

Affected Software

VendorProductVersion RangeStatus
Phoenix ContactAXL F BK PN TPS0.0 <= 1.33affected
Phoenix ContactAXL F BK PN TPS XC0.0 <= 1.33affected
Phoenix ContactAXL F BK PN (discontinued)0.0 <= 1.06affected
Phoenix ContactAXL F BK PN XC (discontinued)0.0 <= 1.06affected
Phoenix ContactAXL F BK SAS (discontinued)0.0 <= 1.35affected
Phoenix ContactAXL F BK ETH0.0 <= 1.31affected
Phoenix ContactAXL F BK ETH XC0.0 <= 1.31affected
Phoenix ContactAXL F BK EIP0.0 <= 1.30affected
Phoenix ContactAXL F BK EIP EF0.0 <= 1.30affected
Phoenix ContactAXL F BK EIP XC0.0 <= 1.30affected
Phoenix ContactIL PN BK-PAC0.0 <= 1.13affected
Phoenix ContactIL ETH BK-PAC0.0 <= 1.00affected
Phoenix ContactIL ETH BK DI8 DO4 2TX-PAC0.0 <= 1.42affected
Phoenix ContactIL EIP BK DI8 DO4 2TX-PAC0.0 <= 1.12affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References