← back
CVE-2022-3737

Out-of-bounds Read in PHOENIX CONTACT Automationworx Software Suite

CVSS 7.8 HIGHEPSS 0.2%CWE-125
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
PHOENIX CONTACT · Config+PHOENIX CONTACT · PC WorxPHOENIX CONTACT · PC Worx Express

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert.vde.com/en/advisories/VDE-2022-048/