Skip to main content
Security Advisory

Phoenix Contact: PLCnext

Incorrect Permission Assignment for Critical Resource

Risk Information

Limited Threat

CVE ID

CVE-2023-46142

Vunerability Type

Incorrect Permission Assignment for Critical Resource

CVSS3 Score

8.8

CVSSv3 Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affecting

  • AXC F 1152 (1151412): v2024.0 and prior.
  • AXC F 2152 (2404267): v2024.0 and prior.
  • AXC F 3152 (1069208): v2024.0 and prior.
  • BPC 9102S (1246285): v2024.0 and prior.
  • EPC 1502 (1185416): v2024.0 and prior.
  • EPC 1522 (1185423): v2024.0 and prior.
  • PLCnext Engineer (1046008): v2024.0 and prior.
  • RFC 4072R (1136419): v2024.0 and prior.
  • RFC 4072S (1051328): v2024.0 and prior.
  • Mitigation

    Update to a patched version: v2023.0.7 LTS Hotfix or later

    12/12/2023