CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26005 – PHOENIX CONTACT: Privilege gain through incomplete cleanup in CHARX Series
https://notcve.org/view.php?id=CVE-2024-26005
An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS. Un atacante remoto no autenticado puede obtener privilegios de nivel de servicio mediante una limpieza incompleta durante el reinicio del servicio después de un DoS. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of ClientSession objects in the CharxControllerAgent service. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-459: Incomplete Cleanup •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26004 – PHOENIX CONTACT: DoS of a control agent due to access of a uninitialized pointer in CHARX Series
https://notcve.org/view.php?id=CVE-2024-26004
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality. Un atacante remoto no autenticado puede hacer DoS a un agente de control debido al acceso de un puntero no inicializado que puede impedir o interrumpir la funcionalidad de carga. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CANopenDevice objects. The issue results from dereferencing a null pointer. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26003 – PHOENIX CONTACT: DoS of the control agent in CHARX Series
https://notcve.org/view.php?id=CVE-2024-26003
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality. Un atacante remoto no autenticado puede hacer DoS al agente de control debido a una lectura fuera de los límites que puede impedir o interrumpir la funcionalidad de carga. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the HomePlug Green PHY Protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26002 – PHOENIX CONTACT: File ownership manipulation in CHARX Series
https://notcve.org/view.php?id=CVE-2024-26002
An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files. Una validación de entrada incorrecta en Qualcom plctool permite a un atacante local con privilegios bajos obtener acceso de root cambiando la propiedad de archivos específicos. This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the plctool binary. The binary can be abused to set incorrect permissions on files. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26001 – PHOENIX CONTACT: Out of bounds write only memory access
https://notcve.org/view.php?id=CVE-2024-26001
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization. Un atacante remoto no autenticado puede escribir memoria fuera de los límites debido a una validación de entrada incorrecta en la pila MQTT. El ataque de fuerza bruta no siempre tiene éxito debido a la aleatorización de la memoria. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. • https://cert.vde.com/en/advisories/VDE-2024-011 • CWE-20: Improper Input Validation •