Security Advisory

Phoenix Contact: Classic line industrial controllers

Integrity check fails to identify out-of-band logic changes

Risk Information

Immediate Action

CVE ID

CVE-2023-46143

Vunerability Type

Integrity check fails to identify out-of-band logic changes

CVSS3 Score

8.6

CVSSv3 Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Automation Worx Software Suite: All versions

AXC 1050 (2700988): All versions

AXC 1050 XC (2701295): All versions

AXC 3050 (2700989): All versions

Config+: All versions

FC 350 PCI ETH (2730844): All versions

ILC1x0: All versions

ILC1x1: All versions

ILC 3xx: All versions

PC Worx: All versions

PC Worx Express: All versions

PC WORX RT BASIC (2700291): All versions

PC WORX SRT (2701680): All versions

RFC 430 ETH-IB (2730190): All versions

RFC 450 ETH-IB (2730200): All versions

RFC 460R PN 3TX (2700784): All versions

RFC 470S PN 3TX (2916794): All versions

RFC 480S PN 4TX (2404577): All versions

Phoenix Contact has not released a patch to resolve this issue.

12/12/2023