Ret2 Systems

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact CHARX SEC-3100 (affected versions not specified) **Description** An unauthenticated remote attacker can cause a denial of service (DoS) to the control agent due to an out-of-bounds read, which may prevent or disrupt the charging functionality. The issue is related to the HomePlug Protocol. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Phoenix Contact CHARX SEC-3100 CANopenDevice (affected versions not specified) **Description** An unauthenticated remote attacker can disrupt the charging functionality by causing a denial-of-service (DoS) in the control agent due to access of an uninitialized pointer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 (affected versions not specified) Description: The issue is related to an incomplete cleanup during service restart after a Denial of Service (DoS), allowing an unauthenticated remote attacker to gain service level privileges. This can also lead to remote code execution due to a use-after-free vulnerability in the ClientSession. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.