ICSA-22-326-03
·
Published 2022-11-22
·
View on CISA ICS-CERT ↗
Phoenix Contact Automation Worx
CVSS 7.8
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could lead to a heap buffer overflow, release of unallocated memory, or a read access violation.
CVEs (2)
Remediations
- Phoenix Contact recommends users update to the latest version of Automation Worx Software Suite and exchange project files only via secure file exchange services. Project files should not be exchanged via unencrypted email.
- CERT@VDE has released an advisory on these vulnerabilities, accessible here.
Affected Vendors
Phoenix Contact
Affected Products (3)
Phoenix Contact
·
Automation Worx Config+
<= 1.89
Phoenix Contact
·
Automation Worx PC Worx
<= 1.89
Phoenix Contact
·
Automation Worx PC Worx Express
<= 1.89
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more