Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ilc1x1_firmware
(Phoenixcontact)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-14 | CVE-2023-46141 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device. | Automationworx_software_suite, Axc_1050_firmware, Axc_1050_xc_firmware, Axc_3050_firmware, Config\+, Fc_350_pci_eth_firmware, Ilc1x0_firmware, Ilc1x1_firmware, Ilc_3xx_firmware, Pc_worx, Pc_worx_express, Pc_worx_rt_basic_firmware, Pc_worx_srt, Rfc_430_eth\-Ib_firmware, Rfc_450_eth\-Ib_firmware, Rfc_460r_pn_3tx_firmware, Rfc_470s_pn_3tx_firmware, Rfc_480s_pn_4tx_firmware | 9.8 | ||
| 2023-12-14 | CVE-2023-46143 | Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC. | Automationworx_software_suite, Axc_1050_firmware, Axc_1050_xc_firmware, Axc_3050_firmware, Config\+, Fc_350_pci_eth_firmware, Ilc1x0_firmware, Ilc1x1_firmware, Ilc_3xx_firmware, Pc_worx, Pc_worx_express, Pc_worx_rt_basic_firmware, Pc_worx_srt, Rfc_430_eth\-Ib_firmware, Rfc_450_eth\-Ib_firmware, Rfc_460r_pn_3tx_firmware, Rfc_470s_pn_3tx_firmware, Rfc_480s_pn_4tx_firmware | 7.5 | ||
| 2022-06-21 | CVE-2022-31800 | An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. | Axc_1050_firmware, Axc_1050_xc_firmware, Axc_3050_firmware, Fc_350_pci_eth_firmware, Ilc1x0_firmware, Ilc1x1_firmware, Ilc_1x1_gsm\/gprs_firmware, Ilc_3xx_firmware, Pc_worx_rt_basic_firmware, Pc_worx_srt_firmware, Rfc_430_eth\-Ib_firmware, Rfc_450_eth\-Ib_firmware, Rfc_460r_pn_3tx\-S_firmware, Rfc_460r_pn_3tx_firmware, Rfc_470_pn_3tx_firmware, Rfc_470s_pn_3tx_firmware, Rfc_480s_pn_4tx_firmware | 9.8 | ||
| 2021-06-25 | CVE-2021-33541 | Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of service on the PLC's network communication module. A successful attack stops all network communication. To restore the network connectivity the device needs to be restarted. The automation task is not... | Ilc1x0_firmware, Ilc1x1_firmware | 7.5 |