Vulnerabilites related to PHOENIX CONTACT - RFC 4072S
cve-2023-46142
Vulnerability from cvelistv5
Published
2023-12-14 14:05
Modified
2024-08-02 20:37
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
References
https://https://cert.vde.com/en/advisories/VDE-2023-056/
Impacted products
Vendor Product Version
PHOENIX CONTACT AXC F 1152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT AXC F 2152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT AXC F 3152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT BPC 9102S Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT EPC 1502 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT EPC 1522 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT PLCnext Engineer Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT RFC 4072R Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT RFC 4072S Version: 0    2024.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:37:39.840Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 1152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 2152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 3152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "BPC 9102S",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EPC 1502",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EPC 1522",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PLCnext Engineer",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RFC 4072R",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RFC 4072S",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Reid Wightman of Dragos, Inc."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices."
            }
          ],
          "value": "A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-14T14:05:35.741Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
        }
      ],
      "source": {
        "advisory": "VDE-2023-056",
        "defect": [
          "CERT@VDE#64609"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "PHOENIX CONTACT: Insufficient Read and Write Protection to Logic and Runtime Data in PLCnext Control",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2023-46142",
    "datePublished": "2023-12-14T14:05:35.741Z",
    "dateReserved": "2023-10-17T07:04:03.576Z",
    "dateUpdated": "2024-08-02T20:37:39.840Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-46144
Vulnerability from cvelistv5
Published
2023-12-14 14:08
Modified
2024-10-01 06:18
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
References
https://https://cert.vde.com/en/advisories/VDE-2023-056/
Impacted products
Vendor Product Version
PHOENIX CONTACT AXC F 1152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT AXC F 2152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT AXC F 3152 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT BPC 9102S Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT EPC 1502 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT EPC 1522 Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT PLCnext Engineer Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT RFC 4072R Version: 0    2024.0
 Create a notification for this product.
   PHOENIX CONTACT RFC 4072S Version: 0    2024.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:37:39.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 1152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 2152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AXC F 3152",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "BPC 9102S",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EPC 1502",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EPC 1522",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PLCnext Engineer",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RFC 4072R",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "RFC 4072S",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "lessThanOrEqual": "2024.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Reid Wightman of Dragos, Inc."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices."
            }
          ],
          "value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-494",
              "description": "CWE-494: Download of Code Without Integrity Check",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-01T06:18:18.730Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
        }
      ],
      "source": {
        "advisory": "VDE-2023-058",
        "defect": [
          "CERT@VDE#64611"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2023-46144",
    "datePublished": "2023-12-14T14:08:07.244Z",
    "dateReserved": "2023-10-17T07:04:03.577Z",
    "dateUpdated": "2024-10-01T06:18:18.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}