Vulnerabilities > Phoenixcontact > Charx SEC 3000 Firmware > 1.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-6788 | Unspecified vulnerability in Phoenixcontact products A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password. | 9.8 |
| 2024-08-13 | CVE-2024-3913 | Unspecified vulnerability in Phoenixcontact products An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup. | 5.9 |