// For flags

CVE-2023-46141

Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.

La asignación de permisos incorrecta para una vulnerabilidad de recursos críticos en varios productos de la línea clásica de PHOENIX CONTACT permite que un atacante remoto no autenticado obtenga acceso completo al dispositivo afectado.

*Credits: Reid Wightman of Dragos, Inc.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-10-17 CVE Reserved
  • 2023-12-14 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-11-13 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (1)
URL Tag Source
https://cert.vde.com/en/advisories/VDE-2023-055 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Firmware
Search vendor "Phoenixcontact" for product "Axc 1050 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050
Search vendor "Phoenixcontact" for product "Axc 1050"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Xc Firmware
Search vendor "Phoenixcontact" for product "Axc 1050 Xc Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Xc
Search vendor "Phoenixcontact" for product "Axc 1050 Xc"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 3050 Firmware
Search vendor "Phoenixcontact" for product "Axc 3050 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 3050
Search vendor "Phoenixcontact" for product "Axc 3050"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Fc 350 Pci Eth Firmware
Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Fc 350 Pci Eth
Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x0 Firmware
Search vendor "Phoenixcontact" for product "Ilc1x0 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x0
Search vendor "Phoenixcontact" for product "Ilc1x0"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x1 Firmware
Search vendor "Phoenixcontact" for product "Ilc1x1 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x1
Search vendor "Phoenixcontact" for product "Ilc1x1"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc 3xx Firmware
Search vendor "Phoenixcontact" for product "Ilc 3xx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc 3xx
Search vendor "Phoenixcontact" for product "Ilc 3xx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Rt Basic Firmware
Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Rt Basic
Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 430 Eth-ib Firmware
Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 430 Eth-ib
Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 450 Eth-ib Firmware
Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 450 Eth-ib
Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 460r Pn 3tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 460r Pn 3tx
Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 470s Pn 3tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 470s Pn 3tx
Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 480s Pn 4tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 480s Pn 4tx
Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Automationworx Software Suite
Search vendor "Phoenixcontact" for product "Automationworx Software Suite"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Config\+
Search vendor "Phoenixcontact" for product "Config\+"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx
Search vendor "Phoenixcontact" for product "Pc Worx"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Express
Search vendor "Phoenixcontact" for product "Pc Worx Express"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Srt
Search vendor "Phoenixcontact" for product "Pc Worx Srt"
*-
Affected