Vulnerabilites related to phoenixcontact - charx_sec-3050_firmware
CVE-2024-28136 (GCVE-0-2024-28136)
Vulnerability from cvelistv5
Published
2024-05-14 08:09
Modified
2025-01-24 06:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A local attacker with low privileges can use a command injection vulnerability to gain root
privileges due to improper input validation using the OCPP Remote service.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T13:43:24.083625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:25:25.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "@ByteInsight"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003e\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003c/p\u003e\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003eA local attacker with low privileges can \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euse a command injection vulnerability to \u003c/span\u003egain root\nprivileges due to improper input validation using the OCPP Remote service.\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e"
}
],
"value": "A local attacker with low privileges can use a command injection vulnerability to gain root\nprivileges due to improper input validation using the OCPP Remote service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:33:52.412Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"source": {
"advisory": "VDE-2024-019",
"defect": [
"CERT@VDE#64664"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28136",
"datePublished": "2024-05-14T08:09:52.725Z",
"dateReserved": "2024-03-05T08:10:25.697Z",
"dateUpdated": "2025-01-24T06:33:52.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28137 (GCVE-0-2024-28137)
Vulnerability from cvelistv5
Published
2024-05-14 08:10
Modified
2024-08-02 00:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T14:15:00.603552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:25:47.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Todd Manning"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003e\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003c/p\u003e\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003eA local attacker with low privileges can\u0026nbsp;perform a privilege escalation with an init script due to a TOCTOU vulnerability.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\n"
}
],
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\n\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tA local attacker with low privileges can\u00a0perform a privilege escalation with an init script due to a TOCTOU vulnerability.\n\n\n\n\n\n\n\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T11:48:50.771Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"source": {
"advisory": "VDE-2024-019",
"defect": [
"CERT@VDE#64664"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28137",
"datePublished": "2024-05-14T08:10:06.014Z",
"dateReserved": "2024-03-05T08:10:25.697Z",
"dateUpdated": "2024-08-02T00:48:49.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25998 (GCVE-0-2024-25998)
Vulnerability from cvelistv5
Published
2024-03-12 08:11
Modified
2025-01-24 06:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25998",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T01:53:23.436340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:53:26.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chris Anastasio"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Fabius Watson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can perform a command injection\u0026nbsp;in the OCPP\u0026nbsp;Service with limited privileges due to improper input validation.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can perform a command injection\u00a0in the OCPP\u00a0Service with limited privileges due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:45:26.082Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Command injection in the OCPP Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25998",
"datePublished": "2024-03-12T08:11:31.787Z",
"dateReserved": "2024-02-14T08:22:26.364Z",
"dateUpdated": "2025-01-24T06:45:26.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28135 (GCVE-0-2024-28135)
Vulnerability from cvelistv5
Published
2024-05-14 08:09
Modified
2025-01-24 06:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A low privileged remote attacker can use a command injection vulnerability in the API which performs
remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T15:03:58.528873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:24:54.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003e\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003c/p\u003e\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003eA low privileged remote attacker can use\u0026nbsp;a command injection vulnerability in the API which performs\nremote code execution \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eas the \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euser-app\u0026nbsp;\u003c/span\u003euser\u0026nbsp;\u003c/span\u003edue to improper input validation. The confidentiality is partly affected.\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e"
}
],
"value": "A low privileged remote attacker can use\u00a0a command injection vulnerability in the API which performs\nremote code execution as the user-app\u00a0user\u00a0due to improper input validation. The confidentiality is partly affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:35:03.912Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"source": {
"advisory": "VDE-2024-019",
"defect": [
"CERT@VDE#64664"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28135",
"datePublished": "2024-05-14T08:09:39.703Z",
"dateReserved": "2024-03-05T08:10:25.697Z",
"dateUpdated": "2025-01-24T06:35:03.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3913 (GCVE-0-2024-3913)
Vulnerability from cvelistv5
Published
2024-08-13 12:30
Modified
2025-01-29 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Summary
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3000 (1139022) |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T13:48:51.878463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T13:56:57.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000 (1139022)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050 (1139018)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100 (1139012)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150 (1139012)",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alex Olson, \"gadha\""
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T06:04:51.452Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-022"
}
],
"source": {
"advisory": "VDE-2024-022",
"defect": [
"CERT@VDE#641622"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Start sequence allows attack during the boot process",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-3913",
"datePublished": "2024-08-13T12:30:33.535Z",
"dateReserved": "2024-04-17T07:09:02.592Z",
"dateUpdated": "2025-01-29T06:04:51.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25994 (GCVE-0-2024-25994)
Vulnerability from cvelistv5
Published
2024-03-12 08:10
Modified
2025-01-24 06:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T15:53:04.268021Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:55:02.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alex Plaskett of NCC Group"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "McClaulay Hudson of NCC Group"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe upload destination is fixed and is write only.\u003c/span\u003e"
}
],
"value": "An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation.\u00a0The upload destination is fixed and is write only."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:47:39.754Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Unintended script file upload in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25994",
"datePublished": "2024-03-12T08:10:46.012Z",
"dateReserved": "2024-02-14T08:22:26.364Z",
"dateUpdated": "2025-01-24T06:47:39.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24003 (GCVE-0-2025-24003)
Vulnerability from cvelistv5
Published
2025-07-08 06:59
Modified
2025-07-08 13:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ 1.6.5 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:38:52.356516Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T13:38:55.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jesson Soto Ventura"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthew Waddell"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations."
}
],
"value": "An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T06:59:17.316Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/en/advisories/VDE-2025-014"
}
],
"source": {
"advisory": "VDE-2025-014",
"defect": [
"CERT@VDE#641739"
],
"discovery": "UNKNOWN"
},
"title": "MQTT OOB Write Vulnerability in EichrechtAgents of German EV Charging Stations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-24003",
"datePublished": "2025-07-08T06:59:17.316Z",
"dateReserved": "2025-01-16T15:48:36.250Z",
"dateUpdated": "2025-07-08T13:38:55.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25997 (GCVE-0-2024-25997)
Vulnerability from cvelistv5
Published
2024-03-12 08:11
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T13:12:43.976071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:54:13.276Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chris Anastasio"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Fabius Watson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can perform a log injection due to improper input validation. \u003cspan style=\"background-color: var(--wht);\"\u003eOnly a certain log file is affected.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:11:19.909Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Log injection in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25997",
"datePublished": "2024-03-12T08:11:19.909Z",
"dateReserved": "2024-02-14T08:22:26.364Z",
"dateUpdated": "2024-08-01T23:52:06.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25268 (GCVE-0-2025-25268)
Vulnerability from cvelistv5
Published
2025-07-08 07:00
Modified
2025-07-08 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25268",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:23:36.385330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:29:11.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "HT3 Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication.\u003cbr\u003e"
}
],
"value": "An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T07:00:27.103Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"source": {
"advisory": "VDE-2025-019",
"defect": [
"CERT@VDE#641747"
],
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Configuration Access via Exposed API Endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-25268",
"datePublished": "2025-07-08T07:00:27.103Z",
"dateReserved": "2025-02-06T13:19:38.483Z",
"dateUpdated": "2025-07-08T14:29:11.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25996 (GCVE-0-2024-25996)
Vulnerability from cvelistv5
Published
2024-03-12 08:11
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:19:14.179453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:54:36.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tobias Scharnowski of fuzzware.io"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Felix Buchmann of fuzzware.io"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The a\u003cspan style=\"background-color: var(--wht);\"\u003eccess is limited to the service user.\u003c/span\u003e"
}
],
"value": "An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:11:08.905Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Remote code execution due to an origin validation error in CHARX Series ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25996",
"datePublished": "2024-03-12T08:11:08.905Z",
"dateReserved": "2024-02-14T08:22:26.364Z",
"dateUpdated": "2024-08-01T23:52:06.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25995 (GCVE-0-2024-25995)
Vulnerability from cvelistv5
Published
2024-03-12 08:10
Modified
2025-01-30 10:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert.vde.com/en/advisories/VDE-2024-011 | vendor-advisory | |
| https://www.zerodayinitiative.com/advisories/ZDI-24-856/ | third-party-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T15:59:09.576419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:49:44.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alex Plaskett of NCC Group"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "McClaulay Hudson of NCC Group"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation."
}
],
"value": "An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T10:48:21.911Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-856/"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Remote code execution in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25995",
"datePublished": "2024-03-12T08:10:58.302Z",
"dateReserved": "2024-02-14T08:22:26.364Z",
"dateUpdated": "2025-01-30T10:48:21.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26005 (GCVE-0-2024-26005)
Vulnerability from cvelistv5
Published
2024-03-12 08:12
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-459 - Incomplete Cleanup
Summary
An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:02:00.445845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:40.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jack Dates"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RET2 Systems"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker\u0026nbsp;can gain service level privileges through an incomplete cleanup during service restart after a DoS.\u0026nbsp;"
}
],
"value": "An unauthenticated remote attacker\u00a0can gain service level privileges through an incomplete cleanup during service restart after a DoS.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459 Incomplete Cleanup",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:12:48.883Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Privilege gain through incomplete cleanup in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26005",
"datePublished": "2024-03-12T08:12:48.883Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2024-08-01T23:52:06.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25999 (GCVE-0-2024-25999)
Vulnerability from cvelistv5
Published
2024-03-12 08:11
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T13:14:48.183024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:35:19.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chris Anastasio"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Fabius Watson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.\u0026nbsp;"
}
],
"value": "An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:11:41.862Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Privilege escalation in the OCPP agent service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25999",
"datePublished": "2024-03-12T08:11:41.862Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2024-08-01T23:52:06.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26002 (GCVE-0-2024-26002)
Vulnerability from cvelistv5
Published
2024-03-12 08:12
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T18:45:35.557638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:51:40.778Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Peter Geissler"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rick De Jager"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Carlo Meijer"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files."
}
],
"value": "An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:12:13.841Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: File ownership manipulation in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26002",
"datePublished": "2024-03-12T08:12:13.841Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2024-08-01T23:52:06.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26000 (GCVE-0-2024-26000)
Vulnerability from cvelistv5
Published
2024-03-12 08:11
Modified
2025-04-16 15:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T17:37:47.149629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T15:39:43.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Peter Geissler"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rick De Jager"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Carlo Meijer"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack.\u0026nbsp;The brute force attack is not always successful because of memory randomization.\u0026nbsp;"
}
],
"value": "An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack.\u00a0The brute force attack is not always successful because of memory randomization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:37:04.471Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Out of bounds read only memory access",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26000",
"datePublished": "2024-03-12T08:11:52.050Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2025-04-16T15:39:43.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26288 (GCVE-0-2024-26288)
Vulnerability from cvelistv5
Published
2024-03-12 08:13
Modified
2024-08-02 00:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Summary
An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T13:09:55.743451Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:50:37.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:07:19.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Chris Anastasio "
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Fabius Watson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected."
}
],
"value": "An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:13:05.195Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Lack of SSL support in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26288",
"datePublished": "2024-03-12T08:13:05.195Z",
"dateReserved": "2024-02-16T13:45:24.697Z",
"dateUpdated": "2024-08-02T00:07:19.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28134 (GCVE-0-2024-28134)
Vulnerability from cvelistv5
Published
2024-05-14 08:09
Modified
2024-08-02 00:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Summary
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based
management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T14:17:34.394686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:24:34.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003e\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003c/p\u003e\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003eAn unauthenticated remote attacker can extract a session token with a MitM attack and gain\u0026nbsp;web-based\nmanagement access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo additional user interaction is required.\u0026nbsp;\u003c/span\u003eThe access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\n"
}
],
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\n\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tAn unauthenticated remote attacker can extract a session token with a MitM attack and gain\u00a0web-based\nmanagement access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required.\u00a0The access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.\u00a0\n\n\n\n\n\n\n\n\n\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T11:48:10.617Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"source": {
"advisory": "VDE-2024-019",
"defect": [
"CERT@VDE#64664"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28134",
"datePublished": "2024-05-14T08:09:24.900Z",
"dateReserved": "2024-03-05T08:10:25.696Z",
"dateUpdated": "2024-08-02T00:48:49.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24005 (GCVE-0-2025-24005)
Vulnerability from cvelistv5
Published
2025-07-08 06:59
Modified
2025-07-08 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:23:40.951749Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:29:26.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jesson Soto Ventura"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthew Waddell"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.\u003cbr\u003e"
}
],
"value": "A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T06:59:45.822Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"source": {
"advisory": "VDE-2025-014",
"defect": [
"CERT@VDE#641739"
],
"discovery": "UNKNOWN"
},
"title": "Local Privilege Escalation via Vulnerable SSH Script",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-24005",
"datePublished": "2025-07-08T06:59:45.822Z",
"dateReserved": "2025-01-16T15:48:36.250Z",
"dateUpdated": "2025-07-08T14:29:26.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6788 (GCVE-0-2024-6788)
Vulnerability from cvelistv5
Published
2024-08-13 13:15
Modified
2025-08-22 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1392 - Use of Default Credentials
Summary
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*",
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*",
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*",
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T16:40:42.748470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T16:50:38.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "1.6.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "McCaulay Hudson"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alexander Plaskett"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NCC Group"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user \u201cuser-app\u201d to the default password.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user \u201cuser-app\u201d to the default password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392 Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T10:24:58.187Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-022"
}
],
"source": {
"advisory": "VDE-2024-022",
"defect": [
"CERT@VDE#641622"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-6788",
"datePublished": "2024-08-13T13:15:03.120Z",
"dateReserved": "2024-07-16T12:18:00.312Z",
"dateUpdated": "2025-08-22T10:24:58.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24004 (GCVE-0-2025-24004)
Vulnerability from cvelistv5
Published
2025-07-08 06:59
Modified
2025-07-08 13:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ 1.6.5 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:37:15.630528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T13:37:47.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jesson Soto Ventura"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthew Waddell"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog."
}
],
"value": "A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T06:59:32.300Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"source": {
"advisory": "VDE-2025-014",
"defect": [
"CERT@VDE#641816"
],
"discovery": "UNKNOWN"
},
"title": "USB-C Buffer Overflow via Display Interface in EV Charging Stations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-24004",
"datePublished": "2025-07-08T06:59:32.300Z",
"dateReserved": "2025-01-16T15:48:36.250Z",
"dateUpdated": "2025-07-08T13:37:47.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24002 (GCVE-0-2025-24002)
Vulnerability from cvelistv5
Published
2025-07-08 06:58
Modified
2025-07-08 13:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ 1.6.5 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T13:39:22.906184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T13:39:35.059Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jesson Soto Ventura"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthew Waddell"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T06:58:58.916Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/en/advisories/VDE-2025-014"
}
],
"source": {
"advisory": "VDE-2025-014",
"defect": [
"CERT@VDE#641739"
],
"discovery": "UNKNOWN"
},
"title": "MQTT DoS Vulnerability in German EV Charging Stations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-24002",
"datePublished": "2025-07-08T06:58:58.916Z",
"dateReserved": "2025-01-16T15:48:36.249Z",
"dateUpdated": "2025-07-08T13:39:35.059Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24006 (GCVE-0-2025-24006)
Vulnerability from cvelistv5
Published
2025-07-08 07:00
Modified
2025-07-08 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:23:38.428912Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:29:19.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jesson Soto Ventura"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthew Waddell"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.\u003cbr\u003e"
}
],
"value": "A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T07:00:04.532Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"source": {
"advisory": "VDE-2025-014",
"defect": [
"CERT@VDE#641739"
],
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation via Insecure SSH Permissions",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-24006",
"datePublished": "2025-07-08T07:00:03.724Z",
"dateReserved": "2025-01-16T15:48:36.250Z",
"dateUpdated": "2025-07-08T14:29:19.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25270 (GCVE-0-2025-25270)
Vulnerability from cvelistv5
Published
2025-07-08 07:00
Modified
2025-07-08 14:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-913 - Improper Control of Dynamically-Managed Code Resources
Summary
An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:15:27.812302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:28:53.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tobias Scharnowski"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Felix Buchmann"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Kristian Covic"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-913",
"description": "CWE-913 Improper Control of Dynamically-Managed Code Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T07:00:58.478Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"source": {
"advisory": "VDE-2025-019",
"defect": [
"CERT@VDE#641747"
],
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution via Unauthenticated Configuration Manipulation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-25270",
"datePublished": "2025-07-08T07:00:58.478Z",
"dateReserved": "2025-02-06T13:19:38.483Z",
"dateUpdated": "2025-07-08T14:28:53.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26003 (GCVE-0-2024-26003)
Vulnerability from cvelistv5
Published
2024-03-12 08:12
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T13:17:04.404042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:49:35.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jack Dates"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RET2 Systems"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.\u0026nbsp;"
}
],
"value": "An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:12:26.754Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: DoS of the control agent in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26003",
"datePublished": "2024-03-12T08:12:26.754Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2024-08-01T23:52:06.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25271 (GCVE-0-2025-25271)
Vulnerability from cvelistv5
Published
2025-07-08 07:01
Modified
2025-07-22 07:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Summary
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:23:31.539913Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:28:44.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.\u003cbr\u003e"
}
],
"value": "An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T07:50:50.592Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"source": {
"advisory": "VDE-2025-019",
"defect": [
"CERT@VDE#641747"
],
"discovery": "UNKNOWN"
},
"title": "OCPP Backend Configuration via Insecure Defaults",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-25271",
"datePublished": "2025-07-08T07:01:33.274Z",
"dateReserved": "2025-02-06T13:19:38.484Z",
"dateUpdated": "2025-07-22T07:50:50.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26004 (GCVE-0-2024-26004)
Vulnerability from cvelistv5
Published
2024-03-12 08:12
Modified
2024-08-01 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
Summary
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T15:53:30.751365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:52:12.052Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jack Dates"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "RET2 Systems"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer\u0026nbsp;which may prevent or disrupt the charging functionality. "
}
],
"value": "An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer\u00a0which may prevent or disrupt the charging functionality. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:12:38.367Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: DoS of a control agent due to access of a uninitialized pointer\u00a0in CHARX Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26004",
"datePublished": "2024-03-12T08:12:38.367Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2024-08-01T23:52:06.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25269 (GCVE-0-2025-25269)
Vulnerability from cvelistv5
Published
2025-07-08 07:00
Modified
2025-07-08 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Phoenix Contact | CHARX SEC-3150 |
Version: 0.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:23:34.298289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:29:03.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "HT3 Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.\u003cbr\u003e"
}
],
"value": "An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T07:00:42.749Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"source": {
"advisory": "VDE-2025-019",
"defect": [
"CERT@VDE#641747"
],
"discovery": "UNKNOWN"
},
"title": "Local Privilege Escalation via Unauthenticated Command Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-25269",
"datePublished": "2025-07-08T07:00:42.749Z",
"dateReserved": "2025-02-06T13:19:38.483Z",
"dateUpdated": "2025-07-08T14:29:03.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26001 (GCVE-0-2024-26001)
Vulnerability from cvelistv5
Published
2024-03-12 08:12
Modified
2025-01-24 06:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T18:26:16.012872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:52:36.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Peter Geissler"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rick De Jager"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Carlo Meijer"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can write\u0026nbsp;memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization. \u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can write\u00a0memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T06:36:20.776Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"source": {
"advisory": "VDE-2024-011",
"defect": [
"CERT@VDE#64650"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Out of bounds write only memory access",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-26001",
"datePublished": "2024-03-12T08:12:03.535Z",
"dateReserved": "2024-02-14T08:22:26.365Z",
"dateUpdated": "2025-01-24T06:36:20.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28133 (GCVE-0-2024-28133)
Vulnerability from cvelistv5
Published
2024-05-14 08:09
Modified
2024-08-02 00:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-426 - Untrusted Search Path
Summary
A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root
privileges.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | PHOENIX CONTACT | CHARX SEC-3000 |
Version: 0 ≤ 1.5.1 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3100:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3100",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3150:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3150",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3000:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3000",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:phoenixcontact:charx_sec_3050:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "charx_sec_3050",
"vendor": "phoenixcontact",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T14:19:05.526123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T15:24:12.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3050",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3100",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CHARX SEC-3150",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThanOrEqual": "1.5.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Trend Micro\u0027s Zero Day Initiative"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\u003cdiv\u003e\n\t\t\t\u003cdiv\u003e\n\t\t\t\t\u003cdiv\u003e\n\t\t\t\t\t\u003cp\u003eA local low privileged attacker can use \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean untrusted search path in a\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCHARX system utility\u003c/span\u003e to gain\u003c/span\u003e\u0026nbsp;root\nprivileges.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\n\u003cp\u003e\u003c/p\u003e\n\t\t\t\t\u003c/div\u003e\n\t\t\t\u003c/div\u003e\n\t\t\u003c/div\u003e\n\t\n"
}
],
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tA local low privileged attacker can use an untrusted search path in a\u00a0CHARX system utility to gain\u00a0root\nprivileges.\u00a0\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T11:47:59.462Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"source": {
"advisory": "VDE-2024-019",
"defect": [
"CERT@VDE#64664"
],
"discovery": "UNKNOWN"
},
"title": "PHOENIX CONTACT: Privilege escalation in CHARX Series ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28133",
"datePublished": "2024-05-14T08:09:11.136Z",
"dateReserved": "2024-03-05T08:10:25.696Z",
"dateUpdated": "2024-08-02T00:48:49.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-05-14 16:16
Modified
2025-01-23 18:51
Severity ?
Summary
A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root
privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302D364D-DF79-4B41-8E1B-D0DDEF1F9391",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD012CF-B236-4AFD-B56D-981951587010",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A74C84-D9F7-4220-888F-0239CC37E65A",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "541667E1-68F6-401A-958F-42593A648419",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tA local low privileged attacker can use an untrusted search path in a\u00a0CHARX system utility to gain\u00a0root\nprivileges.\u00a0\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
},
{
"lang": "es",
"value": "Un atacante local con pocos privilegios puede utilizar una ruta de b\u00fasqueda que no sea de confianza en una utilidad del sistema CHARX para obtener privilegios de root."
}
],
"id": "CVE-2024-28133",
"lastModified": "2025-01-23T18:51:57.947",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-05-14T16:16:36.227",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:48
Severity ?
Summary
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.\u00a0"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede hacer DoS al agente de control debido a una lectura fuera de los l\u00edmites que puede impedir o interrumpir la funcionalidad de carga."
}
],
"id": "CVE-2024-26003",
"lastModified": "2025-01-23T18:48:31.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:09.140",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 16:16
Modified
2025-01-23 18:55
Severity ?
Summary
A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302D364D-DF79-4B41-8E1B-D0DDEF1F9391",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD012CF-B236-4AFD-B56D-981951587010",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A74C84-D9F7-4220-888F-0239CC37E65A",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "541667E1-68F6-401A-958F-42593A648419",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\n\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tA local attacker with low privileges can\u00a0perform a privilege escalation with an init script due to a TOCTOU vulnerability.\n\n\n\n\n\n\n\n\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
},
{
"lang": "es",
"value": "Un atacante local con privilegios bajos puede realizar una escalada de privilegios con un script de inicio debido a una vulnerabilidad de TOCTOU."
}
],
"id": "CVE-2024-28137",
"lastModified": "2025-01-23T18:55:34.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-05-14T16:16:42.400",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:36
Severity ?
Summary
A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-014 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6338C05A-3F0E-408E-98B1-51B2EAE05F5B",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6EA57F-57E6-437F-8035-3B714A4E824C",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160F031E-81BB-466B-808D-6BF46D28BD17",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0E8722-3BCD-4360-BF23-7BC020A28D51",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog."
},
{
"lang": "es",
"value": "Un atacante f\u00edsico con acceso a la pantalla del dispositivo a trav\u00e9s de USB-C puede enviar un mensaje al dispositivo que activa una copia no segura a un b\u00fafer, lo que genera una p\u00e9rdida de integridad y una denegaci\u00f3n de servicio temporal para las estaciones hasta que sean reiniciadas por el organismo de control."
}
],
"id": "CVE-2025-24004",
"lastModified": "2025-07-11T14:36:09.917",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 4.2,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:24.127",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:37
Severity ?
Summary
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication."
},
{
"lang": "es",
"value": "Un atacante adyacente no autenticado puede modificar la configuraci\u00f3n enviando solicitudes espec\u00edficas a un endpoint de API, lo que genera acceso de lectura y escritura debido a la falta de autenticaci\u00f3n."
}
],
"id": "CVE-2025-25268",
"lastModified": "2025-07-11T14:37:03.430",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:24.693",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:46
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.\u00a0"
},
{
"lang": "es",
"value": "Un atacante local no autenticado puede realizar una escalada de privilegios debido a una validaci\u00f3n de entrada incorrecta en el servicio del agente OCPP."
}
],
"id": "CVE-2024-25999",
"lastModified": "2025-01-23T18:46:09.307",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:08.233",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:48
Severity ?
Summary
An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files."
},
{
"lang": "es",
"value": "Una validaci\u00f3n de entrada incorrecta en Qualcom plctool permite a un atacante local con privilegios bajos obtener acceso de root cambiando la propiedad de archivos espec\u00edficos."
}
],
"id": "CVE-2024-26002",
"lastModified": "2025-01-23T18:48:12.083",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:08.940",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:45
Severity ?
Summary
An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.\n\n"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede realizar una inyecci\u00f3n de registro debido a una validaci\u00f3n de entrada incorrecta. S\u00f3lo un determinado archivo de registro se ve afectado."
}
],
"id": "CVE-2024-25997",
"lastModified": "2025-01-23T18:45:15.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:07.810",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:48
Severity ?
Summary
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer\u00a0which may prevent or disrupt the charging functionality. "
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede hacer DoS a un agente de control debido al acceso de un puntero no inicializado que puede impedir o interrumpir la funcionalidad de carga."
}
],
"id": "CVE-2024-26004",
"lastModified": "2025-01-23T18:48:50.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:09.357",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-13 14:15
Modified
2025-08-22 11:15
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-022 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC363C54-329E-4E96-A181-6CD72B9AC2C3",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A366B-8D9D-4F56-940D-815100FADBF9",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B92922A-12E9-47D8-AAF9-78BE6280B0A5",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5319EC7A-BBCA-4651-AC0E-992474DC436E",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user \u201cuser-app\u201d to the default password."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede utilizar la funci\u00f3n de actualizaci\u00f3n de firmware en la interfaz LAN del dispositivo para restablecer la contrase\u00f1a de la \"aplicaci\u00f3n de usuario\" predefinida y con pocos privilegios a la contrase\u00f1a predeterminada.\n"
}
],
"id": "CVE-2024-6788",
"lastModified": "2025-08-22T11:15:30.207",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-13T14:15:16.457",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-022"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede realizar una ejecuci\u00f3n remota de c\u00f3digo debido a un error de validaci\u00f3n de origen. El acceso est\u00e1 limitado al usuario del servicio."
}
],
"id": "CVE-2024-25996",
"lastModified": "2025-01-23T18:44:35.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:07.573",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 16:16
Modified
2025-01-23 18:53
Severity ?
Summary
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based
management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302D364D-DF79-4B41-8E1B-D0DDEF1F9391",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD012CF-B236-4AFD-B56D-981951587010",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A74C84-D9F7-4220-888F-0239CC37E65A",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "541667E1-68F6-401A-958F-42593A648419",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\t\t\t\n\t\t\t\t\n\t\t\t\t\t\n\n\t\n\t\t\n\t\t\n\t\n\t\n\t\t\n\n\n\t\t\t\n\t\t\t\t\n\t\t\t\t\tAn unauthenticated remote attacker can extract a session token with a MitM attack and gain\u00a0web-based\nmanagement access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required.\u00a0The access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.\u00a0\n\n\n\n\n\n\n\n\n\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede extraer un token de sesi\u00f3n con un ataque MitM y obtener acceso de administraci\u00f3n basado en web con los privilegios del usuario actualmente conectado debido a la transmisi\u00f3n de texto plano de informaci\u00f3n confidencial. No se requiere interacci\u00f3n adicional del usuario. El acceso es limitado ya que s\u00f3lo se puede obtener informaci\u00f3n no confidencial pero la disponibilidad puede verse seriamente afectada."
}
],
"id": "CVE-2024-28134",
"lastModified": "2025-01-23T18:53:02.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-05-14T16:16:37.623",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-24 07:15
Severity ?
Summary
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation.\u00a0The upload destination is fixed and is write only."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede cargar un archivo de script arbitrario debido a una validaci\u00f3n de entrada incorrecta. El destino de carga es fijo y es de solo escritura."
}
],
"id": "CVE-2024-25994",
"lastModified": "2025-01-24T07:15:08.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:07.080",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-24 07:15
Severity ?
Summary
An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can perform a command injection\u00a0in the OCPP\u00a0Service with limited privileges due to improper input validation."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede realizar una inyecci\u00f3n de comando en el servicio OCPP con privilegios limitados debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2024-25998",
"lastModified": "2025-01-24T07:15:09.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:08.020",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 16:16
Modified
2025-01-24 07:15
Severity ?
Summary
A local attacker with low privileges can use a command injection vulnerability to gain root
privileges due to improper input validation using the OCPP Remote service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302D364D-DF79-4B41-8E1B-D0DDEF1F9391",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD012CF-B236-4AFD-B56D-981951587010",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A74C84-D9F7-4220-888F-0239CC37E65A",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "541667E1-68F6-401A-958F-42593A648419",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local attacker with low privileges can use a command injection vulnerability to gain root\nprivileges due to improper input validation using the OCPP Remote service."
},
{
"lang": "es",
"value": "Un atacante local con privilegios bajos puede utilizar una vulnerabilidad de inyecci\u00f3n de comandos para obtener privilegios de root debido a una validaci\u00f3n de entrada incorrecta mediante el servicio remoto OCPP."
}
],
"id": "CVE-2024-28136",
"lastModified": "2025-01-24T07:15:10.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-05-14T16:16:40.613",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:37
Severity ?
Summary
An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation."
},
{
"lang": "es",
"value": "Un atacante local no autenticado puede inyectar un comando que posteriormente se ejecuta como root, lo que provoca una escalada de privilegios."
}
],
"id": "CVE-2025-25269",
"lastModified": "2025-07-11T14:37:05.943",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:24.890",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-30 11:15
Severity ?
Summary
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede modificar las configuraciones para realizar una ejecuci\u00f3n remota de c\u00f3digo debido a una falta de autenticaci\u00f3n para una funci\u00f3n cr\u00edtica."
}
],
"id": "CVE-2024-25995",
"lastModified": "2025-01-30T11:15:11.290",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:07.343",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "info@cert.vde.com",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-856/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:51
Severity ?
Summary
An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede influir en la comunicaci\u00f3n debido a la falta de cifrado de datos confidenciales a trav\u00e9s de un MITM. La carga no se ve afectada."
}
],
"id": "CVE-2024-26288",
"lastModified": "2025-01-23T18:51:10.803",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:09.823",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:36
Severity ?
Summary
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-014 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation."
},
{
"lang": "es",
"value": "Un atacante local con una cuenta de usuario local puede aprovechar un script vulnerable a trav\u00e9s de SSH para escalar privilegios a root debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2025-24005",
"lastModified": "2025-07-11T14:36:07.343",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:24.303",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-24 07:15
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can write\u00a0memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede escribir memoria fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta en la pila MQTT. El ataque de fuerza bruta no siempre tiene \u00e9xito debido a la aleatorizaci\u00f3n de la memoria."
}
],
"id": "CVE-2024-26001",
"lastModified": "2025-01-24T07:15:09.653",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:08.730",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:36
Severity ?
Summary
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-014 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root."
},
{
"lang": "es",
"value": "Un atacante local con pocos privilegios puede aprovechar permisos inseguros a trav\u00e9s de SSH en los dispositivos afectados para escalar privilegios a root."
}
],
"id": "CVE-2025-24006",
"lastModified": "2025-07-11T14:36:03.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:24.493",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-014"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-13 13:15
Modified
2025-01-29 06:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-022 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5319EC7A-BBCA-4651-AC0E-992474DC436E",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B92922A-12E9-47D8-AAF9-78BE6280B0A5",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B67A366B-8D9D-4F56-940D-815100FADBF9",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC363C54-329E-4E96-A181-6CD72B9AC2C3",
"versionEndExcluding": "1.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede utilizar esta vulnerabilidad para cambiar la configuraci\u00f3n del dispositivo debido a un archivo que se puede escribir durante un breve per\u00edodo de tiempo despu\u00e9s del inicio del sistema."
}
],
"id": "CVE-2024-3913",
"lastModified": "2025-01-29T06:15:30.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-08-13T13:15:12.750",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-022"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:37
Severity ?
Summary
An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede alterar la configuraci\u00f3n del dispositivo de manera tal de obtener la ejecuci\u00f3n remota de c\u00f3digo como root con configuraciones espec\u00edficas."
}
],
"id": "CVE-2025-25270",
"lastModified": "2025-07-11T14:37:08.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:25.080",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-913"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-24 07:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack.\u00a0The brute force attack is not always successful because of memory randomization."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede leer la memoria fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta en la pila MQTT. El ataque de fuerza bruta no siempre tiene \u00e9xito debido a la aleatorizaci\u00f3n de la memoria."
}
],
"id": "CVE-2024-26000",
"lastModified": "2025-01-24T07:15:09.440",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:08.493",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:37
Severity ?
Summary
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/de/advisories/VDE-2025-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2E15E9-975A-4B26-8AAD-2621754930CF",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63AD1F59-F9B7-4914-BF4C-9EC63AAA61E4",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A018ED-A75E-4DF9-A73F-61E473FB2862",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "546AB06F-3924-44DC-B9F1-E70137A4F253",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface."
},
{
"lang": "es",
"value": "Un atacante adyacente no autenticado puede configurar un nuevo backend OCPP, debido a valores predeterminados inseguros para la interfaz de configuraci\u00f3n."
}
],
"id": "CVE-2025-25271",
"lastModified": "2025-07-11T14:37:11.330",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:25.270",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/de/advisories/VDE-2025-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:36
Severity ?
Summary
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/en/advisories/VDE-2025-014 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6338C05A-3F0E-408E-98B1-51B2EAE05F5B",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6EA57F-57E6-437F-8035-3B714A4E824C",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160F031E-81BB-466B-808D-6BF46D28BD17",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0E8722-3BCD-4360-BF23-7BC020A28D51",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede usar mensajes MQTT para bloquear un servicio en estaciones de carga que cumplen con la Ley de Calibraci\u00f3n Alemana, lo que genera una denegaci\u00f3n de servicio temporal para estas estaciones hasta que sean reiniciadas por el organismo de control."
}
],
"id": "CVE-2025-24002",
"lastModified": "2025-07-11T14:36:14.843",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:23.473",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/en/advisories/VDE-2025-014"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 16:16
Modified
2025-01-24 07:15
Severity ?
Summary
A low privileged remote attacker can use a command injection vulnerability in the API which performs
remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-019 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302D364D-DF79-4B41-8E1B-D0DDEF1F9391",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD012CF-B236-4AFD-B56D-981951587010",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A74C84-D9F7-4220-888F-0239CC37E65A",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "541667E1-68F6-401A-958F-42593A648419",
"versionEndIncluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A low privileged remote attacker can use\u00a0a command injection vulnerability in the API which performs\nremote code execution as the user-app\u00a0user\u00a0due to improper input validation. The confidentiality is partly affected."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios puede utilizar una vulnerabilidad de inyecci\u00f3n de comandos en la API que realiza la ejecuci\u00f3n remota de c\u00f3digo como usuario de la aplicaci\u00f3n debido a una validaci\u00f3n de entrada incorrecta. La confidencialidad se ve parcialmente afectada."
}
],
"id": "CVE-2024-28135",
"lastModified": "2025-01-24T07:15:09.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-05-14T16:16:39.033",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-019"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 09:15
Modified
2025-01-23 18:50
Severity ?
Summary
An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en/advisories/VDE-2024-011 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D503940-7117-4D15-ACA8-0CCEEBB2DB18",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5ABD397-F1C6-4C06-AF8C-506C211D46E6",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7B38B8-A035-4897-A3A7-D65DC7EC5793",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0138361A-DD4C-4A19-86A6-6D0BA7AA649A",
"versionEndExcluding": "1.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker\u00a0can gain service level privileges through an incomplete cleanup during service restart after a DoS.\u00a0"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede obtener privilegios de nivel de servicio mediante una limpieza incompleta durante el reinicio del servicio despu\u00e9s de un DoS."
}
],
"id": "CVE-2024-26005",
"lastModified": "2025-01-23T18:50:20.543",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T09:15:09.577",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-011"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 07:15
Modified
2025-07-11 14:36
Severity ?
Summary
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://certvde.com/en/advisories/VDE-2025-014 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6338C05A-3F0E-408E-98B1-51B2EAE05F5B",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1095269-9D5A-4557-BA9D-33B49AAA339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6EA57F-57E6-437F-8035-3B714A4E824C",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775BA5ED-968B-4759-BA39-50F9EAB29169",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160F031E-81BB-466B-808D-6BF46D28BD17",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F498BFB3-3C39-4F0B-9775-0B4F891D866C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0E8722-3BCD-4360-BF23-7BC020A28D51",
"versionEndIncluding": "1.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32916BED-0241-4787-960C-7A4E8E1DDED7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations."
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede usar mensajes MQTT para activar escrituras fuera de los l\u00edmites en estaciones de carga que cumplen con la Ley de calibraci\u00f3n alemana, lo que genera una p\u00e9rdida de integridad solo para EichrechtAgents y una posible denegaci\u00f3n de servicio para estas estaciones."
}
],
"id": "CVE-2025-24003",
"lastModified": "2025-07-11T14:36:12.323",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "info@cert.vde.com",
"type": "Primary"
}
]
},
"published": "2025-07-08T07:15:23.943",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
],
"url": "https://certvde.com/en/advisories/VDE-2025-014"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "info@cert.vde.com",
"type": "Primary"
}
]
}