Vulnerabilities > Phoenixcontact > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-18 | CVE-2018-16994 | Unspecified vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). | 7.5 |
| 2020-02-18 | CVE-2019-18352 | Unspecified vulnerability in Phoenixcontact products Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security. low complexity phoenixcontact | 8.2 |
| 2019-10-31 | CVE-2019-16675 | Out-of-bounds Read vulnerability in Phoenixcontact Config+ and PC Worx Express An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 7.8 |
| 2019-06-24 | CVE-2019-12870 | Access of Uninitialized Pointer vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-06-24 | CVE-2019-12869 | Out-of-bounds Read vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-06-24 | CVE-2019-12871 | Use After Free vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-05-07 | CVE-2018-13994 | Resource Exhaustion vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | 7.5 |
| 2019-05-07 | CVE-2018-13993 | Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | 8.8 |
| 2019-04-17 | CVE-2019-10953 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. | 7.5 |
| 2019-03-26 | CVE-2019-9744 | Session Fixation vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. | 8.8 |