An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Multiprog | Phoenixcontact | * | * |
Proconos | Phoenixcontact | * | * |
Proconos_eclr | Phoenixcontact-software | - (including) | - (including) |