loader gif

Flaws in Phoenix Contact Automationworx Allow Code Execution via Malicious Files

Flaws in Phoenix Contact Automationworx Allow Code Execution via Malicious Files (Malware and Vulnerabilities)

Several vulnerabilities affecting the Phoenix Contact Automationworx automation software suite can be exploited for remote code execution using specially crafted project files. The flaws have been found to impact two components of Automationworx versions 1.86 and earlier: PC Worx, a piece of engineering software for Phoenix Contact controllers; and Config+, a tool for configuring INTERBUS networks. The vulnerabilities can be exploited for arbitrary code execution in the context of the current process using manipulated PC Worx or Config+ project files. Related: Flaws Expose Phoenix Contact Industrial Switches to Attacks Related: Serious Flaws Found in Phoenix Contact Industrial Switches Related: Critical Flaws Patched in Phoenix Contact Industrial Switches

loader gif