← back
CVE-2016-8366

CVE-2016-8366

EPSS 5.8%CWE-312
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text.
Affected products
Phoenix Contact · Phoenix Contact ILC PLCs
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45586/unverifiedexploitdbwww.exploit-db.com/exploits/45586unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-313-01https://www.exploit-db.com/exploits/45586/http://www.securityfocus.com/bid/94163