Vulnerabilities > Phoenixcontact > High

DATE CVE VULNERABILITY TITLE RISK
2019-03-26 CVE-2019-9743 Command Injection vulnerability in Phoenixcontact products
An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices.
network
low complexity
phoenixcontact CWE-77
8.8
8.8
2018-05-17 CVE-2018-10728 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Phoenixcontact products
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731).
network
high complexity
phoenixcontact CWE-119
8.1
8.1
2018-04-05 CVE-2016-8380 Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
network
low complexity
phoenixcontact CWE-287
7.3
7.3
2018-04-05 CVE-2016-8371 Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
network
low complexity
phoenixcontact CWE-287
7.3
7.3
2018-04-05 CVE-2016-8366 Credentials Management vulnerability in Phoenixcontact ILC Plcs Firmware
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user.
network
low complexity
phoenixcontact CWE-255
7.3
7.3
2018-01-30 CVE-2018-5441 Improper Input Validation vulnerability in Phoenixcontact products
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0.
local
low complexity
phoenixcontact CWE-20
7.8
7.8
2017-08-08 CVE-2017-10176 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
low complexity
oracle debian phoenixcontact netapp
7.5
7.5
2017-08-08 CVE-2017-10118 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE).
network
low complexity
oracle debian phoenixcontact netapp
7.5
7.5
2017-08-08 CVE-2017-10116 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle phoenixcontact debian redhat netapp
8.3
8.3
2017-08-08 CVE-2017-10115 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE).
network
low complexity
oracle debian phoenixcontact redhat netapp
7.5
7.5