Vulnerabilities in WIBU-SYSTEMS CodeMeter Runtime affect multiple Phoenix Contact products.

Phoenix Contact devices using CodeMeter embedded are not affected by these vulnerabilities.



Multiple vulnerabilities allow an attacker to read arbitrary files, inject commands and bypass authentication or access control. Furthermore, hardcoded session and encryption keys as well as a missing firmware update signature and a service running with unnecessary privileges were discovered.



Several vulnerabilities have been discovered in the LibGit2Sharp or underlying LibGit2 library.
This open-source component is widely used in a lot of products worldwide.
The product is vulnerable to remote code execution, privilege escalation and tampering.
PLCnext Engineer is using the LibGit2Sharp library to provide version control capabilities.



The FL MGUARD family of devices is affected by two vulnerabilities.



A Directory Traversal Vulnerability enables arbitrary file access in ENERGY AXC PU Web service.
An authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service.



Multiple vulnerabilities have been discovered in CODESYS Control V3 runtime system.
For details regarding the single vulnerabilities please refer to the security advisories issued by CODESYS:

  • CODESYS Security Advisory 2022-02
  • CODESYS Security Advisory 2022-04
  • CODESYS Security Advisory 2022-06
  • CODESYS Security Advisory 2022-09



Two Vulnerabilities have been discovered in TC ROUTER 4000 series and CLOUD CLIENT 2000 series up to firmware version 4.5.7x.107.

The web administration interface is vulnerable for authenticated admin users to path traversals, which could lead to arbitrary file uploads or deletion. Unvalidated user input also enables execution of OS commands.



Feeds

By Vendor

Archive

2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0