Description
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
Exploits (1)
Scores
CVSS v3
7.3
EPSS
0.1253
EPSS Percentile
94.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-287
CWE-592
Status
published
Products (1)
phoenixcontact/ilc_plcs_firmware
Published
Apr 05, 2018
Tracked Since
Feb 18, 2026