VDB

VDE-2022-010

VDE-2022-010 PUBLISHED CVSS 8.800000190734863 HIGH

PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities. Firmware components in version 2021.06 had already been updated. For the 2022.0 LTS version more firmware components have been updated implicitly fixing the vulnerabilities listed. The vulnerabilities listed above have not been individually verified in terms of actual impact and/or limitations in combination with the affected products listed. The current LTS release 2022.0 LTS contains updates of integrated third-party libraries, SDKs and other third-party software to address these issues nevertheless. UPDATE A (April 4th, 2022): Added RFC 4072 (Art. No. 1051328) and fixed affected version of AXC F 3152

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Firmware <2022.0.5 LTS
RFC 4072
AXC F 3152
AXC F 2152
Firmware 2022.0.5 LTS
Firmware <2022.0.3 LTS
AXC F 1152
Firmware 2022.0.3 LTS

Timeline

  • Apr 12, 2022 CVE Published
  • May 22, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›