Vulnerabilities > Phoenixcontact > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-25 | CVE-2021-33540 | Use of Hard-coded Credentials vulnerability in Phoenixcontact products In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists. | 7.5 |
| 2021-06-25 | CVE-2021-33541 | Allocation of Resources Without Limits or Throttling vulnerability in Phoenixcontact Ilc1X0 Firmware and Ilc1X1 Firmware Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. | 7.8 |
| 2020-07-01 | CVE-2020-12497 | Out-of-bounds Write vulnerability in Phoenixcontact PC Worx and PC Worx Express PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. | 7.8 |
| 2020-02-18 | CVE-2018-16994 | Unspecified vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). | 7.8 |
| 2020-02-17 | CVE-2020-8768 | Incorrect Permission Assignment for Critical Resource vulnerability in Phoenixcontact ILC 2050 Bi-L Firmware and ILC 2050 BI Firmware An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. | 7.5 |
| 2019-06-17 | CVE-2019-10997 | Unspecified vulnerability in Phoenixcontact products An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. network phoenixcontact | 7.1 |
| 2018-04-05 | CVE-2016-8380 | Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | 7.5 |
| 2018-04-05 | CVE-2016-8371 | Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. | 7.5 |
| 2017-08-08 | CVE-2017-10176 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 7.5 |
| 2017-08-08 | CVE-2017-10118 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). | 7.5 |