Phoenixcontact Charx_sec-3000_firmware
29 CVEs affecting Phoenixcontact Charx_sec-3000_firmware. Latest disclosed: 2025-07-08. Critical: 2, High: 18.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-25270 | Critical | 9.8 | 2025-07-08 | An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations. |
| CVE-2024-25995 | Critical | 9.8 | 2024-03-12 | An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform a DoS due to improper input valid… |
| CVE-2025-25271 | High | 8.8 | 2025-07-08 | An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface. |
| CVE-2025-25268 | High | 8.8 | 2025-07-08 | An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing… |
| CVE-2024-26288 | High | 8.7 | 2024-03-12 | An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected. |
| CVE-2024-6788 | High | 8.6 | 2024-08-13 | A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileg… |
| CVE-2025-25269 | High | 8.4 | 2025-07-08 | An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation. |
| CVE-2024-25999 | High | 8.4 | 2024-03-12 | An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service. |
| CVE-2025-24003 | High | 8.2 | 2025-07-08 | An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting… |
| CVE-2025-24006 | High | 7.8 | 2025-07-08 | A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. |
| CVE-2025-24005 | High | 7.8 | 2025-07-08 | A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. |
| CVE-2024-28137 | High | 7.8 | 2024-05-14 | A local attacker with low privileges can perform a privilege escalation with an init script due… |
| CVE-2024-28136 | High | 7.8 | 2024-05-14 | A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote s… |
| CVE-2024-28133 | High | 7.8 | 2024-05-14 | A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. … |
| CVE-2024-26002 | High | 7.8 | 2024-03-12 | An improper input validation in the Qualcomm plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files. |
| CVE-2024-26004 | High | 7.5 | 2024-03-12 | An unauthenticated remote attacker can DoS a control agent due to access of an uninitialized pointer which may prevent or disrupt the charging functionality. |
| CVE-2024-26003 | High | 7.5 | 2024-03-12 | An unauthenticated remote attacker can DoS the control agent due to an out-of-bounds read which may prevent or disrupt the charging functionality. |
| CVE-2024-26001 | High | 7.4 | 2024-03-12 | An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always succ… |
| CVE-2024-25998 | High | 7.3 | 2024-03-12 | An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation. |
| CVE-2024-28134 | High | 7.0 | 2024-05-14 | An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-b… |