// For flags

CVE-2023-46143

Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.

La vulnerabilidad de descarga de código sin verificación de integridad en los PLC de la línea clásica de PHOENIX CONTACT permite que un atacante remoto no autenticado modifique algunas o todas las aplicaciones en un PLC.

*Credits: Reid Wightman of Dragos, Inc.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-10-17 CVE Reserved
  • 2023-12-14 CVE Published
  • 2023-12-15 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-494: Download of Code Without Integrity Check
CAPEC
References (1)
URL Tag Source
https://cert.vde.com/en/advisories/VDE-2023-057 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Firmware
Search vendor "Phoenixcontact" for product "Axc 1050 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050
Search vendor "Phoenixcontact" for product "Axc 1050"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Xc Firmware
Search vendor "Phoenixcontact" for product "Axc 1050 Xc Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 1050 Xc
Search vendor "Phoenixcontact" for product "Axc 1050 Xc"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Axc 3050 Firmware
Search vendor "Phoenixcontact" for product "Axc 3050 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Axc 3050
Search vendor "Phoenixcontact" for product "Axc 3050"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Fc 350 Pci Eth Firmware
Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Fc 350 Pci Eth
Search vendor "Phoenixcontact" for product "Fc 350 Pci Eth"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x0 Firmware
Search vendor "Phoenixcontact" for product "Ilc1x0 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x0
Search vendor "Phoenixcontact" for product "Ilc1x0"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x1 Firmware
Search vendor "Phoenixcontact" for product "Ilc1x1 Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc1x1
Search vendor "Phoenixcontact" for product "Ilc1x1"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Ilc 3xx Firmware
Search vendor "Phoenixcontact" for product "Ilc 3xx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Ilc 3xx
Search vendor "Phoenixcontact" for product "Ilc 3xx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Rt Basic Firmware
Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Rt Basic
Search vendor "Phoenixcontact" for product "Pc Worx Rt Basic"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 430 Eth-ib Firmware
Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 430 Eth-ib
Search vendor "Phoenixcontact" for product "Rfc 430 Eth-ib"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 450 Eth-ib Firmware
Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 450 Eth-ib
Search vendor "Phoenixcontact" for product "Rfc 450 Eth-ib"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 460r Pn 3tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 460r Pn 3tx
Search vendor "Phoenixcontact" for product "Rfc 460r Pn 3tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 470s Pn 3tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 470s Pn 3tx
Search vendor "Phoenixcontact" for product "Rfc 470s Pn 3tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 480s Pn 4tx Firmware
Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx Firmware"
*-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Rfc 480s Pn 4tx
Search vendor "Phoenixcontact" for product "Rfc 480s Pn 4tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Automationworx Software Suite
Search vendor "Phoenixcontact" for product "Automationworx Software Suite"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Config\+
Search vendor "Phoenixcontact" for product "Config\+"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx
Search vendor "Phoenixcontact" for product "Pc Worx"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Express
Search vendor "Phoenixcontact" for product "Pc Worx Express"
*-
Affected
Phoenixcontact
Search vendor "Phoenixcontact"
Pc Worx Srt
Search vendor "Phoenixcontact" for product "Pc Worx Srt"
*-
Affected