Product:

Plcnext_engineer

(Phoenixcontact)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2023-09-13 CVE-2023-3935 A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. Activation_wizard, E\-Mobility_charging_suite, Fl_network_manager, Iol\-Conf, Module_type_package_designer, Plcnext_engineer, Oseon, Programmingtube, Teczonebend, Tops_unfold, Topscalculation, Trumpflicenseexpert, Trutops, Trutops_cell_classic, Trutops_cell_sw48, Trutops_mark_3d, Trutopsboost, Trutopsfab, Trutopsfab_storage_smallstore, Trutopsprint, Trutopsprintmultilaserassistant, Trutopsweld, Tubedesign, Codemeter_runtime N/A
2023-12-14 CVE-2023-46142 A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices. Axc_f_1152_firmware, Axc_f_2152_firmware, Axc_f_3152_firmware, Bpc_9102s_firmware, Epc_1502_firmware, Epc_1522_firmware, Plcnext_engineer, Rfc_4072r_firmware, Rfc_4072s_firmware N/A
2023-12-14 CVE-2023-46144 A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices. Axc_f_1152_firmware, Axc_f_2152_firmware, Axc_f_3152_firmware, Bpc_9102s_firmware, Epc_1502_firmware, Epc_1522_firmware, Plcnext_engineer, Rfc_4072r_firmware, Rfc_4072s_firmware N/A
2020-07-21 CVE-2020-12499 In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files. Plcnext_engineer N/A