Photubias

**Name of the Vulnerable Software and Affected Versions** eWON versions 12.2 through 13.0 **Description** eWON firmware contains an authentication bypass that allows attackers with minimal privileges to retrieve sensitive user data. Attackers can exploit the `wsdReadForm` API endpoint by sending POST requests to `/wrcgi.bin/wsdReadForm` with base64-encoded partial credentials and a crafted `wsdList` parameter. This allows extraction of encrypted passwords for all users, which can be decrypted using a hardcoded XOR key. **Recommendations** Versions 12.2 through 13.0 should be updated when a fix becomes available. As a temporary workaround, restrict access to the `wsdReadForm` endpoint.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact ILC PLCs (affected versions not specified) **Description** The issue concerns the storage and transfer of passwords in clear text due to the configuration of the password macro in Webvisit. This macro is intended to protect HMI pages on the PLC against unauthorized access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact ILC PLCs (affected versions not specified) **Description** The issue concerns the web server in Phoenix Contact ILC PLCs, which allows unauthorized access to read and write PLC variables due to a lack of authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Modicon M241 versions prior to 4.0.5.11 Modicon M251 versions prior to 4.0.5.11 **Description** A Use of Insufficiently Random Values issue was discovered, where the session numbers generated by the web application lack randomization and are shared between several users. This may allow a current session to be compromised. **Recommendations** For Modicon M241 versions prior to 4.0.5.11, update to version 4.0.5.11 or later to resolve the issue. For Modicon M251 versions prior to 4.0.5.11, update to version 4.0.5.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact ProConOs and MultiProg (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary commands without requiring authentication. This can be achieved by sending protocol-compliant traffic. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.