CNNVD-202507-864 Information
CNNVD ID
CNNVD-202507-864
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
PHOENIX CONTACT CHARX SEC-3000等都是德国菲尼克斯电气(PHOENIX CONTACT)公司的产品。PHOENIX CONTACT CHARX SEC-3000是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3050是一个 AC 充电控制器。PHOENIX CONTACT CHARX SEC-3100是一个 AC 充电控制器。 PHOENIX CONTACT CHARX SEC-3xxx存在安全漏洞,该漏洞源于未经身份验证的远程攻击者可使用MQTT消息在符合德国校准法的充电站中触发越界写入,可能导致EichrechtAgents完整性丢失和潜在拒绝服务。
Description (English)
PHOENIX CONTACT CHARX SEC-3000, etc., are products of PHOENIX CONTACT, Germany. PHOENIX CONTACT CHARX SEC-3000 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3100 is an AC charge controller. PHOENIX CONTACT CHARX SEC-3xx has a security loophole, which stems from the fact that unidentified long-range assailants can use MQTT messages to trigger cross-border writing at charging stations that are compliant with German calibration, which may result in the loss of EichrechtAgents ’ integrity and potential denial of services.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Phoenix Site
Published
2025-07-08
Last Modified
2026-02-24
References
https://certvde.com/en/advisories/VDE-2025-014
Patch
https://www.phoenixcontact.com/en-us/
Share on: