|Article no||Article||Affected versions|
|--||Activation Wizard||1.4 and earlier|
|1046008||PC Worx Engineer||2021.06 and earlier|
|1165889||PLCNEXT ENGINEER EDU LIC
|2021.06 and earlier|
|2702889||FL Network Manager||5.0 and earlier|
|E-Mobility Charging Suite license codes
for EV Charging Suite Setup
|1.7.3 and earlier|
|1083065||IOL-CONF||1.7.0 and earlier|
Please consult the CVE entries above for more details.
An attacker may use the above-described vulnerabilities to perform a Denial of Service attack.
Phoenix Contact devices using CodeMeter embedded are not affected by these vulnerabilities.
Temporary Fix / Mitigation
PHOENIX CONTACT strongly recommends affected Users to upgrade to Codemeter V7.21a, which fixes these vulnerabilities. Wibu-Systems has already published this update for CodeMeter on their homepage. Since this current version of CodeMeter V7.21a has not yet been incorporated into Phoenix Contact products, we strongly recommend to download and install the current CodeMeter version directly from the Wibu-Systems homepage.
This vulnerability was discovered and reported to WIBU Systems by Tenable.
We kindly appreciate the coordinated disclosure of this vulnerability by the finder.
PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication.