0.0
CVE-2025-62444 -
Not used
0.0
CVE-2025-62441 -
Not used
0.0
CVE-2025-62440 -
Not used
0.0
CVE-2025-62442 -
Not used
5.3
CVE-2025-41707 - Phoenix Contact: WebSocket Handler Denial of Service
The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality.
5.3
CVE-2025-41706 - Phoenix Contact: Webserver Denial of Service through Malformed Content-Length
The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality.
6.8
CVE-2025-41705 - Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials
An unauthenticated remote attacker (MITM) can intercept the websocket messages to gain access to the login credentials for the Webfrontend.
5.3
CVE-2025-41704 - Phoenix Contact: Unauthenticated Modbus Service DoS via Crafted Function Code
An unauthanticated remote attacker can perform a DoS of the Modbus service by sending a specific function and sub-function code without affecting the core functionality.
7.5
CVE-2025-41703 - Phoenix Contact: UPS Shutdown via Unauthenticated Modbus Command
An unauthenticated remote attacker can cause a Denial of Service by turning off the output of the UPS via Modbus command.
5.7
CVE-2025-55078 - Incomplete validation of kernel object pointers in system calls
In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a pointer to a reserved or unmapped memory region. Vulnerable system calls had a check of pointers, but that check wasn't verifying whether the pointer is outside the module memory region.