Recent CVEs
CVE-2023-46144
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
MEDIUM
Dec 14, 2023
CVE-2023-46142
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
HIGH
Dec 14, 2023
CVE-2020-12499
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
HIGH
Jul 21, 2020