CVE-2024-28133

Severity CVSS v4.0:
Pending analysis
Type:
CWE-426 Untrusted Search Path
Publication date:
14/05/2024
Last modified:
23/01/2025

Description

A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. 

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:phoenixcontact:charx_sec-3000_firmware:*:*:*:*:*:*:*:* 1.5.1 (including)
cpe:2.3:h:phoenixcontact:charx_sec-3000:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:charx_sec-3050_firmware:*:*:*:*:*:*:*:* 1.5.1 (including)
cpe:2.3:h:phoenixcontact:charx_sec-3050:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:charx_sec-3100_firmware:*:*:*:*:*:*:*:* 1.5.1 (including)
cpe:2.3:h:phoenixcontact:charx_sec-3100:-:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:charx_sec-3150_firmware:*:*:*:*:*:*:*:* 1.5.1 (including)
cpe:2.3:h:phoenixcontact:charx_sec-3150:-:*:*:*:*:*:*:*