CVE-2023-46143

Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.

La vulnerabilidad de descarga de código sin verificación de integridad en los PLC de la línea clásica de PHOENIX CONTACT permite que un atacante remoto no autenticado modifique algunas o todas las aplicaciones en un PLC.

*Credits: Reid Wightman of Dragos, Inc.

CVSS Scores

CERT VDEv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-10-17 CVE Reserved
2023-12-14 CVE Published
2023-12-15 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-494: Download of Code Without Integrity Check

CAPEC

References (1)

URL	Tag	Source
https://cert.vde.com/en/advisories/VDE-2023-057	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Phoenixcontact Search vendor "Phoenixcontact"	Axc 1050 Firmware Search vendor "Phoenixcontact" for product "Axc 1050 Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Axc 1050 Search vendor "Phoenixcontact" for product "Axc 1050"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Axc 1050 Xc Firmware Search vendor "Phoenixcontact" for product "Axc 1050 Xc Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Axc 1050 Xc Search vendor "Phoenixcontact" for product "Axc 1050 Xc"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Axc 3050 Firmware Search vendor "Phoenixcontact" for product "Axc 3050 Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Axc 3050 Search vendor "Phoenixcontact" for product "Axc 3050"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fc 350 Pci Eth Firmware Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fc 350 Pci Eth Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Ilc1x0 Firmware Search vendor "Phoenixcontact" for product "Ilc1x0 Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Ilc1x0 Search vendor "Phoenixcontact" for product "Ilc1x0"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Ilc1x1 Firmware Search vendor "Phoenixcontact" for product "Ilc1x1 Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Ilc1x1 Search vendor "Phoenixcontact" for product "Ilc1x1"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Ilc 3xx Firmware Search vendor "Phoenixcontact" for product "Ilc 3xx Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Ilc 3xx Search vendor "Phoenixcontact" for product "Ilc 3xx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Pc Worx Rt Basic Firmware Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Pc Worx Rt Basic Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Rfc 430 Eth-ib Firmware Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Rfc 430 Eth-ib Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Rfc 450 Eth-ib Firmware Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Rfc 450 Eth-ib Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Rfc 460r Pn 3tx Firmware Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Rfc 460r Pn 3tx Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Rfc 470s Pn 3tx Firmware Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Rfc 470s Pn 3tx Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Rfc 480s Pn 4tx Firmware Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx Firmware"	*	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Rfc 480s Pn 4tx Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"		Automationworx Software Suite Search vendor "Phoenixcontact" for product "Automationworx Software Suite"				*		-		Affected
Phoenixcontact Search vendor "Phoenixcontact"		Config\+ Search vendor "Phoenixcontact" for product "Config\+"				*		-		Affected
Phoenixcontact Search vendor "Phoenixcontact"		Pc Worx Search vendor "Phoenixcontact" for product "Pc Worx"				*		-		Affected
Phoenixcontact Search vendor "Phoenixcontact"		Pc Worx Express Search vendor "Phoenixcontact" for product "Pc Worx Express"				*		-		Affected
Phoenixcontact Search vendor "Phoenixcontact"		Pc Worx Srt Search vendor "Phoenixcontact" for product "Pc Worx Srt"				*		-		Affected