CWE
345
Advisory Published
Updated

CVE-2022-31800: Insufficient Verification of Data Vulnerability in PHOENIX CONTACT classic line industrial controllers

First published: Mon Jun 20 2022(Updated: )

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

Credit: info@cert.vde.com

Affected SoftwareAffected VersionHow to fix
Phoenixcontact Axc 1050 Firmware
Phoenixcontact Axc 1050
Phoenixcontact Axc 1050 Xc Firmware
Phoenixcontact Axc 1050 Xc
Phoenixcontact Axc 3050 Firmware
Phoenixcontact Axc 3050
Phoenixcontact Fc 350 Pci Eth Firmware
Phoenixcontact Fc 350 Pci Eth
Phoenixcontact Ilc1x0 Firmware
Phoenixcontact Ilc1x0
Phoenixcontact Ilc1x1 Firmware
Phoenixcontact Ilc1x1
Phoenixcontact Ilc 1x1 Gsm\/gprs Firmware
Phoenixcontact Ilc 1x1 Gsm\/gprs
Phoenixcontact Ilc 3xx Firmware
Phoenixcontact Ilc 3xx
Phoenixcontact Pc Worx Rt Basic Firmware
Phoenixcontact Pc Worx Rt Basic
Phoenixcontact Pc Worx Srt Firmware
Phoenixcontact Pc Worx Srt
Phoenixcontact Rfc 430 Eth-ib Firmware
Phoenixcontact Rfc 430 Eth-ib
Phoenixcontact Rfc 450 Eth-ib Firmware
Phoenixcontact Rfc 450 Eth-ib
Phoenixcontact Rfc 460r Pn 3tx Firmware
Phoenixcontact Rfc 460r Pn 3tx
Phoenixcontact Rfc 460r Pn 3tx-s Firmware
Phoenixcontact Rfc 460r Pn 3tx-s
Phoenixcontact Rfc 470 Pn 3tx Firmware
Phoenixcontact Rfc 470 Pn 3tx
Phoenixcontact Rfc 470s Pn 3tx Firmware
Phoenixcontact Rfc 470s Pn 3tx
Phoenixcontact Rfc 480s Pn 4tx Firmware
Phoenixcontact Rfc 480s Pn 4tx

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2022-31800?

    CVE-2022-31800 is a vulnerability that allows an unauthenticated remote attacker to upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

  • What is the severity of CVE-2022-31800?

    CVE-2022-31800 has a severity rating of 9.8, which is categorized as critical.

  • How does CVE-2022-31800 affect Phoenixcontact Axc 1050 Firmware?

    Phoenixcontact Axc 1050 Firmware is affected by CVE-2022-31800.

  • Is Phoenixcontact Axc 1050 Xc affected by CVE-2022-31800?

    No, Phoenixcontact Axc 1050 Xc is not affected by CVE-2022-31800.

  • How can I fix CVE-2022-31800?

    There is currently no fix available for CVE-2022-31800. It is recommended to follow the guidance provided by the vendor or security experts.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203