Primary

Context

Phoenix Contact CHARX SEC-3xxx Charging Controllers Remote Code Execution Vulnerability

Vulnerability

Patched

A vulnerability exists in Phoenix Contact CHARX SEC-3xxx charging controllers, all versions prior to 1.7.3, allowing unauthenticated remote attackers to modify device configurations and achieve remote code execution as root, under specific conditions.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution with root privileges on the affected device.

Remediation

Users are advised to upgrade to firmware version 1.7.3, which addresses this vulnerability. For general security recommendations regarding network-enabled devices, consult the Phoenix Contact Application Note Security.

Added: Jul 8, 2025, 7:33 AM

Updated: Jul 8, 2025, 7:33 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Phoenix Contact CHARX SEC-3xxx Charging Controllers Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Phoenix Contact CHARX SEC-3000

Phoenix Contact CHARX SEC-3050

Phoenix Contact CHARX SEC-3100

Phoenix Contact CHARX SEC-3150

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating