Vulnerability in Phoenix Contact Ilc Plcs

CVE-2016-8371

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

EPSS: 0.125 (94.1th percentile) — read the EPSS interpretation.

Affected products

Phoenix Contact Ilc Plcs — versions All ILC 1xx PLCs

Weakness classification (CWE)

CWE-592

References

ics-cert.us-cert.gov/advisories/ICSA-313-01 (x_refsource_MISC)
45590 (exploit, x_refsource_EXPLOIT-DB)
94163 (vdb-entry, x_refsource_BID)