A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
References
| Link | Resource |
|---|---|
| https://https://cert.vde.com/en/advisories/VDE-2023-056/ | Broken Link |
| https://https://cert.vde.com/en/advisories/VDE-2023-056/ | Broken Link |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
History
21 Nov 2024, 08:27
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://https://cert.vde.com/en/advisories/VDE-2023-056/ - Broken Link |
21 Dec 2023, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:* cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:* |
|
| References | () https://https://cert.vde.com/en/advisories/VDE-2023-056/ - Broken Link | |
| First Time |
Phoenixcontact axc F 1152
Phoenixcontact rfc 4072s Firmware Phoenixcontact axc F 1152 Firmware Phoenixcontact plcnext Engineer Phoenixcontact Phoenixcontact axc F 3152 Firmware Phoenixcontact epc 1522 Phoenixcontact rfc 4072r Phoenixcontact bpc 9102s Phoenixcontact axc F 2152 Phoenixcontact epc 1502 Firmware Phoenixcontact axc F 2152 Firmware Phoenixcontact rfc 4072r Firmware Phoenixcontact epc 1522 Firmware Phoenixcontact epc 1502 Phoenixcontact bpc 9102s Firmware Phoenixcontact rfc 4072s Phoenixcontact axc F 3152 |
14 Dec 2023, 14:49
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-14 14:15
Updated : 2024-11-21 08:27
NVD link : CVE-2023-46142
Mitre link : CVE-2023-46142
CVE.ORG link : CVE-2023-46142
JSON object : View
Products Affected
phoenixcontact
- bpc_9102s_firmware
- axc_f_1152
- rfc_4072r
- rfc_4072r_firmware
- rfc_4072s_firmware
- axc_f_3152
- epc_1502
- epc_1522_firmware
- axc_f_3152_firmware
- epc_1502_firmware
- plcnext_engineer
- epc_1522
- axc_f_2152_firmware
- rfc_4072s
- axc_f_2152
- bpc_9102s
- axc_f_1152_firmware
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource