Phoenix Contact CHARX SEC-3000
Easy fix2 remedies
cpe:2.3:h:phoenixcontact:charx_sec-3000:*:*:*:*:*:*:*, +1 more
Easy fix2 remedies
- < 1.7.3
Phoenix Contact CHARX SEC-3000 Series Unauthenticated OCPP Backend Configuration Vulnerability
Vulnerability
Patched
A vulnerability exists in Phoenix Contact CHARX SEC-3000 series charging controllers, all versions prior to 1.7.3. An unauthenticated adjacent attacker can exploit this vulnerability to configure a new OCPP backend, due to insecure default settings in the configuration interface.
Impact
Exploitation of this vulnerability could lead to unauthorized configuration changes, potentially allowing for malicious OCPP backend setups.
Remediation
Users are advised to upgrade to firmware version 1.7.3, which addresses this vulnerability. For general security recommendations, refer to the Phoenix Contact Application Note Security.
Added: Jul 8, 2025, 7:31 AM
Updated: Jul 8, 2025, 7:31 AM
Vulnerability Rating
Custom Algorithm
spread
1.4impact
7.5exploitability
4.9remediation
7.9relevance
0.2threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.