Vulnerabilities > Phoenixcontact > ILC Plcs Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-04-05 CVE-2016-8380 Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
network
low complexity
phoenixcontact CWE-287
7.5
7.5
2018-04-05 CVE-2016-8371 Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
network
low complexity
phoenixcontact CWE-287
7.5
7.5
2018-04-05 CVE-2016-8366 Credentials Management vulnerability in Phoenixcontact ILC Plcs Firmware
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user.
network
low complexity
phoenixcontact CWE-255
5.0
5.0