PT-2023-7875 · Phoenix Contact · Axc 1050 Xc+4

Reid Wightman · Published 2023-12-12 · Updated 2023-12-21 · CVE-2023-46143

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions

PHOENIX CONTACT classic line PLCs (affected versions not specified)
AXC 1050
AXC 1050 XC
AXC 3050
FC 350 PCI ETH

Description

The issue allows an unauthenticated remote attacker to modify some or all applications on a PLC due to a lack of code integrity check during download. This can potentially lead to unauthorized access, modification, or deletion of data.

Recommendations

For PHOENIX CONTACT classic line PLCs, update to a version that includes a fix for the code integrity check issue.
For AXC 1050, consider implementing additional security measures to prevent unauthorized access until a patch is available.
For AXC 1050 XC, restrict access to sensitive applications to minimize the risk of exploitation.
For AXC 3050, avoid using unverified code sources to prevent potential attacks.
For FC 350 PCI ETH, apply configuration changes to enhance security and prevent unauthorized modifications.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2023-08946
CVE-2023-46143

Affected Products

Axc 1050
Axc 1050 Xc
Axc 3050
Fc 350 Pci Eth
Phoenix Contact Classic Line Plcs