Vulnerabilities > Phoenixcontact > Charx SEC 3100 Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-6788 | Unspecified vulnerability in Phoenixcontact products A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password. | 9.8 |
| 2024-03-12 | CVE-2024-26001 | Out-of-bounds Write vulnerability in Phoenixcontact products An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. | 9.8 |
| 2024-03-12 | CVE-2024-25996 | Unspecified vulnerability in Phoenixcontact products An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. | 9.8 |