CVE-2023-37863

Name of the Vulnerable Software and Affected Versions PHOENIX CONTACT WP 6xxx versions prior to 4.0.10

Description The issue exists due to the lack of measures to neutralize special elements in the software of PHOENIX CONTACT WP 6xxx web panels, which are used for management and monitoring in industrial systems. A remote attacker with SNMPv2 write privileges may use a special SNMP request to gain full access to the device, potentially impacting the confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 4.0.10, update to version 4.0.10 or later to resolve the issue. As a temporary workaround, consider restricting SNMPv2 write privileges to minimize the risk of exploitation.