Risk | High |
Patch available | YES |
Number of vulnerabilities | 13 |
CVE-ID | CVE-2024-25994 CVE-2024-25997 CVE-2024-25995 CVE-2024-25996 CVE-2024-26288 CVE-2024-26000 CVE-2024-26003 CVE-2024-26005 CVE-2024-26001 CVE-2024-26002 CVE-2024-25998 CVE-2024-25999 CVE-2024-26004 |
CWE-ID | CWE-434 CWE-117 CWE-306 CWE-346 CWE-326 CWE-843 CWE-125 CWE-416 CWE-119 CWE-269 CWE-77 CWE-20 CWE-476 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
CHARX SEC-3000 Hardware solutions / Firmware CHARX SEC-3050 Hardware solutions / Firmware CHARX SEC-3100 Hardware solutions / Firmware CHARX SEC-3150 Hardware solutions / Firmware |
Vendor | Phoenix Contact GmbH |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
EUVDB-ID: #VU93214
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25994
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload within the CharxUpdateAgent service. A remote attacker can upload a malicious file and execute it on the server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-867/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93251
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25997
CWE-ID:
CWE-117 - Improper Output Neutralization for Logs
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient neutralization of special characters when writing to logs. A remote attacker on the local network can inject malicious content into log files on affected installations.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-855/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93247
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25995
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to missing authentication for critical function within the CharxSystemConfigManager service. A remote attacker on the local network can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-856/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93246
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25996
CWE-ID:
CWE-346 - Origin Validation Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to missing origin validation within the configuration of firewall rules. A remote attacker on the local network can bypass firewall rules and access another interface on affected installations.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-857/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93234
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26288
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication.
The vulnerability exists due to inadequate encryption strength within the implementation of the OCPP protocol. A remote attacker on the local network can bypass authentication and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-858/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93232
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26000
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a type confusion error within the handling of JSON-encoded arrays. A remote attacker on the local network can pass specially crafted data to the application, trigger a type confusion error and gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-859/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93230
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26003
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the parsing of the HomePlug Green PHY Protocol. A remote attacker in the local network can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-860/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93227
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26005
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the handling of ClientSession objects in the CharxControllerAgent service. A remote attacker on the local network can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-861/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93226
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26001
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the handling of JSON-encoded arrays. A remote attacker on the local network can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-862/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93220
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26002
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges.
The vulnerability exists due to improper privilege management within the plctool binary. A local user can escalate privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-863/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93218
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25998
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation within the handling of the location parameter of the UpdateFirmwareRequest command. A remote attacker on the local network can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-864/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93216
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-25999
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input within the charx_pack_logs script. A local user can pass specially crafted input to the application and execute arbitrary code in the context of root.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-865/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93215
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26004
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the handling of CANopenDevice objects. A remote attacker on the local network can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCHARX SEC-3000: 1.5.0
CHARX SEC-3050: 1.5.0
CHARX SEC-3100: 1.5.0
CHARX SEC-3150: 1.5.0
External linkshttp://cert.vde.com/en/advisories/VDE-2024-011
http://www.zerodayinitiative.com/advisories/ZDI-24-866/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.