CVE-2023-46143 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CERTVDE	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Vendor	Product	Version
phoenixcontact	automationworx_software_suite	*
phoenixcontact	axc_1050_firmware	*
phoenixcontact	axc_1050_xc_firmware	*
phoenixcontact	axc_3050_firmware	*
phoenixcontact	config\+	*
phoenixcontact	fc_350_pci_eth_firmware	*
phoenixcontact	ilc1x0_firmware	*
phoenixcontact	ilc1x1_firmware	*
phoenixcontact	ilc_3xx_firmware	*
phoenixcontact	pc_worx	*
phoenixcontact	pc_worx_express	*
phoenixcontact	pc_worx_rt_basic_firmware	*
phoenixcontact	pc_worx_srt	*
phoenixcontact	rfc_430_eth-ib_firmware	*
phoenixcontact	rfc_450_eth-ib_firmware	*
phoenixcontact	rfc_460r_pn_3tx_firmware	*
phoenixcontact	rfc_470s_pn_3tx_firmware	*
phoenixcontact	rfc_480s_pn_4tx_firmware	*

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-494 - Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References

https://cert.vde.com/en/advisories/VDE-2023-057/

https://cert.vde.com/en/advisories/VDE-2023-057/