Phoenixcontact Charx Sec-3050 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Phoenixcontact Charx Sec-3050 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2024-25995 — CVSS 9.8 (critical): An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to…
CVE-2025-25270 — CVSS 9.8 (critical): An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific…
CVE-2025-25268 — CVSS 8.8 (high): An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write…
CVE-2025-25271 — CVSS 8.8 (high): An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.
CVE-2024-26288 — CVSS 8.7 (high): An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is…
CVE-2024-6788 — CVSS 8.6 (high): A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the…
CVE-2024-25999 — CVSS 8.4 (high): An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.
CVE-2025-25269 — CVSS 8.4 (high): An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.
CVE-2025-24003 — CVSS 8.2 (high): An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German…
CVE-2025-24005 — CVSS 7.8 (high): A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input…
CVE-2024-28136 — CVSS 7.8 (high): A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation…
CVE-2024-26002 — CVSS 7.8 (high): An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the…
CVE-2024-28137 — CVSS 7.8 (high): A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.
CVE-2024-28133 — CVSS 7.8 (high): A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges.
CVE-2025-24006 — CVSS 7.8 (high): A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.
CVE-2024-26003 — CVSS 7.5 (high): An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging…
CVE-2024-26004 — CVSS 7.5 (high): An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the…
CVE-2024-26001 — CVSS 7.4 (high): An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force…
CVE-2024-25998 — CVSS 7.3 (high): An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input…
CVE-2024-28134 — CVSS 7.0 (high): An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges…
CVE-2024-26000 — CVSS 5.9 (medium): An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack…
CVE-2024-3913 — CVSS 5.9 (medium): An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time…
CVE-2024-25996 — CVSS 5.3 (medium): An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the…
CVE-2024-25994 — CVSS 5.3 (medium): An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and…
CVE-2024-25997 — CVSS 5.3 (medium): An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.
CVE-2025-24002 — CVSS 5.3 (medium): An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law…
CVE-2025-24004 — CVSS 5.2 (medium): A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a…
CVE-2024-28135 — CVSS 5.0 (medium): A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app…
CVE-2024-26005 — CVSS 4.8 (medium): An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.