CVE-2023-46144 (GCVE-0-2023-46144)
Vulnerability from cvelistv5 – Published: 2023-12-14 14:08 – Updated: 2024-10-01 06:18
VLAI?
Summary
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
Severity ?
6.5 (Medium)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | AXC F 1152 |
Affected:
0 , ≤ 2024.0
(semver)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
Credits
Reid Wightman of Dragos, Inc.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:39.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXC F 1152",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXC F 2152",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXC F 3152",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "BPC 9102S",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EPC 1502",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EPC 1522",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PLCnext Engineer",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 4072R",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "RFC 4072S",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "2024.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Reid Wightman of Dragos, Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices."
}
],
"value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494: Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T06:18:18.730Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/"
}
],
"source": {
"advisory": "VDE-2023-058",
"defect": [
"CERT@VDE#64611"
],
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: PLCnext Control prone to download of code without integrity check",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2023-46144",
"datePublished": "2023-12-14T14:08:07.244Z",
"dateReserved": "2023-10-17T07:04:03.577Z",
"dateUpdated": "2024-10-01T06:18:18.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"9C72F7B2-43D1-43CB-B611-B57487E9AE53\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2474BD7-C447-4E07-A628-C729E376943D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"4EA16E9E-ADBB-4943-AE2D-7C49F882A809\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE2E6118-6587-444A-A143-9C3A1E6ED4FD\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"E28DCF3B-C26E-44BE-BCA1-0AED56326FC3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57424998-4EAB-4682-BFC4-1D2A621514F4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"A97B1250-2830-4EFC-9393-DF96E129E16D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"346E85EB-8800-40C7-A7DA-EA587CF90F08\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"F8E7E962-9BA0-418B-8A43-541C5278C9ED\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85AF0A71-02C4-4CFF-A820-5C326F066024\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBD531B6-09DA-4B4A-AA7C-C2A54B089C67\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"C6A5C5E9-4F2C-44BC-8B64-29D25C789643\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"FE1D89DD-1717-4E84-8A33-82AA29594E7D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65D9C540-F273-4EA8-8FF6-95DF46B01D89\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2024.0\", \"matchCriteriaId\": \"E633B5AB-BD27-461D-8083-20CC1C768D34\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.\"}, {\"lang\": \"es\", \"value\": \"Una descarga de c\\u00f3digo sin vulnerabilidad de verificaci\\u00f3n de integridad en los productos PLCnext permite que un atacante remoto con privilegios bajos comprometa la integridad de la estaci\\u00f3n de ingenier\\u00eda afectada y los dispositivos conectados.\"}]",
"id": "CVE-2023-46144",
"lastModified": "2024-11-21T08:27:58.380",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
"published": "2023-12-14T14:15:43.447",
"references": "[{\"url\": \"https://https://cert.vde.com/en/advisories/VDE-2023-056/\", \"source\": \"info@cert.vde.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://https://cert.vde.com/en/advisories/VDE-2023-056/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-494\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-46144\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2023-12-14T14:15:43.447\",\"lastModified\":\"2024-11-21T08:27:58.380\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.\"},{\"lang\":\"es\",\"value\":\"Una descarga de c\u00f3digo sin vulnerabilidad de verificaci\u00f3n de integridad en los productos PLCnext permite que un atacante remoto con privilegios bajos comprometa la integridad de la estaci\u00f3n de ingenier\u00eda afectada y los dispositivos conectados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-494\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"9C72F7B2-43D1-43CB-B611-B57487E9AE53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2474BD7-C447-4E07-A628-C729E376943D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"4EA16E9E-ADBB-4943-AE2D-7C49F882A809\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE2E6118-6587-444A-A143-9C3A1E6ED4FD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"E28DCF3B-C26E-44BE-BCA1-0AED56326FC3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57424998-4EAB-4682-BFC4-1D2A621514F4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"A97B1250-2830-4EFC-9393-DF96E129E16D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"346E85EB-8800-40C7-A7DA-EA587CF90F08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"F8E7E962-9BA0-418B-8A43-541C5278C9ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85AF0A71-02C4-4CFF-A820-5C326F066024\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBD531B6-09DA-4B4A-AA7C-C2A54B089C67\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"C6A5C5E9-4F2C-44BC-8B64-29D25C789643\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"FE1D89DD-1717-4E84-8A33-82AA29594E7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65D9C540-F273-4EA8-8FF6-95DF46B01D89\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.0\",\"matchCriteriaId\":\"E633B5AB-BD27-461D-8083-20CC1C768D34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6\"}]}]}],\"references\":[{\"url\":\"https://https://cert.vde.com/en/advisories/VDE-2023-056/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://https://cert.vde.com/en/advisories/VDE-2023-056/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…