Vulnerabilidades en Phoenix Contact

147 resultados
CVE-2014-9195Phoenix Contact Software ProConOs and MultiProg Missing Authentication for Critical FunctionEPSS 81.1%CVE-2020-12497HIGHPhoenix Contact Automation Worx <= 1.87: stack-based overflowEPSS 15.7%CVE-2016-8380The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.EPSS 11.2%CVE-2016-8371The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.EPSS 11.2%CVE-2025-41748HIGHReflected XSS vulnerability in pxc_Dot1xCfg.phpEPSS 8.4%CVE-2025-41750HIGHReflected XSS vulnerability in pxc_PortCfg.phpEPSS 8.4%CVE-2025-41746HIGHReflected XSS vulnerability in pxc_portSecCfg.phpEPSS 8.2%CVE-2025-41751HIGHReflected XSS vulnerability in pxc_portCntr.phpEPSS 8.2%CVE-2025-41752HIGHReflected XSS vulnerability in pxc_portSfp.phpEPSS 8.2%CVE-2025-41747HIGHReflected XSS vulnerability in pxc_vlanIntfCfg.phpEPSS 8.2%CVE-2016-8366Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pEPSS 5.8%CVE-2019-10953HIGHABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some conEPSS 3.7%CVE-2020-12498HIGHPhoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code executionEPSS 2.1%CVE-2021-33542HIGHPhoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerabilityEPSS 1.8%CVE-2025-41706MEDIUMPhoenix Contact: Webserver Denial of Service through Malformed Content-LengthEPSS 1.7%CVE-2023-3526CRITICALPHOENIX CONTACT: Cross-site Scripting vulnerability in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devicesEPSS 1.6%CVE-2025-41704MEDIUMPhoenix Contact: Unauthenticated Modbus Service DoS via Crafted Function CodeEPSS 1.5%CVE-2021-33541HIGHPhoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerabilityEPSS 1.5%CVE-2024-25998HIGHPHOENIX CONTACT: Command injection in the OCPP ServiceEPSS 1.5%CVE-2022-31800CRITICALInsufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllersEPSS 1.5%