Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.
References
| Link | Resource |
|---|---|
| https://cert.vde.com/en/advisories/VDE-2023-057/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
|
Configuration 11 (hide)
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
History
21 Dec 2023, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://cert.vde.com/en/advisories/VDE-2023-057/ - Third Party Advisory | |
| CPE | cpe:2.3:o:phoenixcontact:ilc1x1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_450_eth-ib_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:ilc_3xx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_430_eth-ib_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_460r_pn_3tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:pc_worx_rt_basic:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:pc_worx_rt_basic_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:phoenixcontact:pc_worx:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:phoenixcontact:pc_worx_express:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:ilc1x1:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_470s_pn_3tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_480s_pn_4tx:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:phoenixcontact:pc_worx_srt:*:*:*:*:*:*:*:* cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_460r_pn_3tx:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:ilc_3xx:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_450_eth-ib:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_480s_pn_4tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_430_eth-ib:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_470s_pn_3tx:-:*:*:*:*:*:*:* cpe:2.3:a:phoenixcontact:config\+:*:*:*:*:*:*:*:* |
14 Dec 2023, 14:49
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-14 14:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-46143
Mitre link : CVE-2023-46143
CVE.ORG link : CVE-2023-46143
JSON object : View
Products Affected
phoenixcontact
- ilc1x0
- ilc_3xx_firmware
- ilc1x1_firmware
- pc_worx_rt_basic_firmware
- ilc1x1
- axc_3050_firmware
- rfc_460r_pn_3tx_firmware
- axc_3050
- rfc_450_eth-ib_firmware
- pc_worx_srt
- pc_worx
- automationworx_software_suite
- fc_350_pci_eth_firmware
- rfc_480s_pn_4tx
- rfc_430_eth-ib
- rfc_450_eth-ib
- config\+
- rfc_460r_pn_3tx
- axc_1050_xc_firmware
- pc_worx_rt_basic
- rfc_480s_pn_4tx_firmware
- ilc_3xx
- axc_1050_firmware
- ilc1x0_firmware
- fc_350_pci_eth
- rfc_470s_pn_3tx_firmware
- axc_1050
- axc_1050_xc
- pc_worx_express
- rfc_470s_pn_3tx
- rfc_430_eth-ib_firmware
CWE
CWE-494
Download of Code Without Integrity Check