Phoenix Contact CHARX SEC-3xxx Charging Controllers Buffer Copy Vulnerability Leading to Integrity Loss and Denial-of-Service

Vulnerability

A vulnerability exists in Phoenix Contact CHARX SEC-3xxx charging controllers, specifically in versions through 1.6.5 and prior to 1.7.3. This vulnerability allows a physical attacker with access to the device's display via USB-C to send a message that triggers an insecure copy to a buffer. This action results in a loss of integrity and causes a temporary denial-of-service on the affected stations, which must be restarted by the watchdog.

Impact

Exploitation of this vulnerability leads to a loss of integrity and a temporary denial-of-service on the affected devices until they are restarted by the watchdog.

Remediation

Users are advised to upgrade to firmware version 1.7.3, which addresses other vulnerabilities but not this specific issue. For general security recommendations, refer to the Phoenix Contact Application Note Security.

Added: Jul 8, 2025, 7:43 AM
Updated: Jul 8, 2025, 7:43 AM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 1.3
exploitability: 3.5
remediation: 7.9
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.