Primary

Context

Phoenix Contact CHARX SEC-3xxx Charging Controllers Privilege Escalation Vulnerability

Vulnerability

Patched

A vulnerability exists in Phoenix Contact CHARX SEC-3xxx charging controllers, all versions prior to 1.7.3. This vulnerability allows an unauthenticated local attacker to inject a command that is executed with root privileges, leading to unauthorized privilege escalation.

Impact

Exploitation of this vulnerability results in unauthorized privilege escalation, allowing an attacker to execute commands as the root user.

Remediation

Users are advised to upgrade to firmware version 1.7.3, which addresses this vulnerability. For general security recommendations regarding network-enabled devices, consult the Phoenix Contact Application Note Security.

Added: Jul 8, 2025, 7:35 AM

Updated: Jul 8, 2025, 7:35 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

3.5

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

3.5

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Phoenix Contact CHARX SEC-3xxx Charging Controllers Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Phoenix Contact CHARX SEC-3000

Phoenix Contact CHARX SEC-3050

Phoenix Contact CHARX SEC-3100

Phoenix Contact CHARX SEC-3150

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating