Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

PHOENIX CONTACT — Vulnerabilities & Security Advisories 143

Browse all 143 CVE security advisories affecting PHOENIX CONTACT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

PHOENIX CONTACT specializes in industrial automation, electrical engineering, and electronics, providing critical infrastructure components such as programmable logic controllers, power supplies, and industrial networking devices. With 142 recorded CVEs, the company’s software ecosystem has historically been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These flaws often stem from inadequate input validation in web-based management interfaces or insecure default configurations in embedded systems. Notable incidents include exploitable authentication bypasses and buffer overflow errors that could allow attackers to gain unauthorized control over industrial control systems. The high volume of vulnerabilities suggests persistent challenges in securing legacy firmware and web applications. While the hardware itself is robust, the associated software layers require rigorous patching and secure coding practices to mitigate risks in operational technology environments.

Found 8 results / 143Clear Filters
Top products by PHOENIX CONTACT: FL SWITCH 2005 CHARX SEC-3000 FL MGUARD 2102 WP 6070-WVPS CHARX SEC-3150 WHA-GW-F2D2-0-AS- Z2-ETH AXC F 1152 QUINT4-UPS/24DC/24DC/5/EIP AXC F 1152 (1151412) Phoenix Contact ILC PLCs FL SWITCH Automation Worx Software Suite MULTIPROG FL MGUARD Automation Worx CLOUD CLIENT 1101T-TX/TX Config+ RAD-ISM-900-EN-BD/B ENERGY AXC PU (1264327) CHARX SEC-3000 (1139022) ILC 131 TC ROUTER 3002T-3G AXL F BK PN TPS DaUM ProConOs FL MGUARD CENTERPORT ILC 1x0 PC Worx FL MGUARD DM (2981974) AXC F
CVE IDTitleCVSSSeverityPublished
CVE-2021-34565 In WirelessHART-Gateway versions 3.0.7 to 3.0.9 hard-coded credentials have been found — WHA-GW-F2D2-0-AS- Z2-ETHCWE-798 9.8 Critical2021-08-31
CVE-2021-34564 In WirelessHART-Gateway versions 3.0.9 a vulnerability allows to read and write sensitive data in a cookie — WHA-GW-F2D2-0-AS- Z2-ETHCWE-315 5.5 Medium2021-08-31
CVE-2021-34563 In WirelessHART-Gateway versions 3.0.8 and 3.0.9 the HttpOnly flag is missing in a cookie which allows client-side javascript to modify it — WHA-GW-F2D2-0-AS- Z2-ETHCWE-1004 3.3 Low2021-08-31
CVE-2021-34562 A vulnerability in WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response — WHA-GW-F2D2-0-AS- Z2-ETHCWE-79 5.4 Medium2021-08-31
CVE-2021-34561 A vulnerability in WirelessHART-Gateway <= 3.0.8 allows to bypass any IP or firewall based access restrictions through DNS rebinding — WHA-GW-F2D2-0-AS- Z2-ETHCWE-350 7.5 High2021-08-31
CVE-2021-34560 A vulnerability in WirelessHART-Gateway <= 3.0.9 could lead to information exposure of sensitive information — WHA-GW-F2D2-0-AS- Z2-ETHCWE-522 5.5 Medium2021-08-31
CVE-2021-34559 A vulnerability in WirelessHART-Gateway <= 3.0.8 may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings — WHA-GW-F2D2-0-AS- Z2-ETHCWE-444 5.4 Medium2021-08-31
CVE-2021-33555 A vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-Gateway — WHA-GW-F2D2-0-AS- Z2-ETHCWE-22 7.5 High2021-08-31

This page lists every published CVE security advisory associated with PHOENIX CONTACT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.