High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-31	CVE-2019-16675	Out-of-bounds Read vulnerability in Phoenixcontact Config+ and PC Worx Express An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. local low complexity phoenixcontact CWE-125	7.8
2019-06-24	CVE-2019-12870	Access of Uninitialized Pointer vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. network low complexity phoenixcontact CWE-824	8.8
2019-06-24	CVE-2019-12869	Out-of-bounds Read vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. network low complexity phoenixcontact CWE-125	8.8
2019-06-24	CVE-2019-12871	Use After Free vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. network low complexity phoenixcontact CWE-416	8.8
2019-05-07	CVE-2018-13994	Resource Exhaustion vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. network low complexity phoenixcontact CWE-400	7.5
2019-05-07	CVE-2018-13993	Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. network low complexity phoenixcontact CWE-352	8.8
2019-04-17	CVE-2019-10953	Allocation of Resources Without Limits or Throttling vulnerability in multiple products ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. network low complexity abb phoenixcontact schneider-electric siemens wago CWE-770	7.5
2019-03-26	CVE-2019-9744	Session Fixation vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. network low complexity phoenixcontact CWE-384	8.8
2019-03-26	CVE-2019-9743	Command Injection vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. network low complexity phoenixcontact CWE-77	8.8
2018-05-17	CVE-2018-10728	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Phoenixcontact products All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731). network high complexity phoenixcontact CWE-119	8.1