Phoenix Contact PLCnext Control Integrity Check Fails to Identify Out-of-Band Logic Changes (CVE-2023-46144)

Version 1.3 Oct 2, 2024, 9:20 AM CVSS metrics ("CVSSv2 score" set to 6.8) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 severity (based on CVE-2023-46144, severity decreased from "High" to "Medium") Plugin Feed: 202410020920
Version 1.2 Oct 1, 2024, 2:07 PM CVSS metrics ("CVSSv2 score" set to none) CVSS metrics ("CVSSv2 vector" set to none) CVSS temporal metrics ("CVSSv2 temporal vector" set to none) CVSS temporal metrics ("CVSSv3 temporal vector" set to none) CVSSv2 severity (based on CVE-2023-46144, severity increased from "Medium" to "High") Detection (updated detection logic) Plugin metadata Plugin Feed: 202410011407
Version 1.1 Jan 9, 2024, 3:00 PM CVSS metrics ("CVSSv2 score" set to 6.8. "CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 severity (based on CVE-2023-46144, severity decreased from "High" to "Medium") Exploit attributes ("Exploit available" set to "False") Plugin Feed: 202401091500
Version 1.0 Jan 8, 2024, 4:55 PM New Plugin Feed: 202401081655

* Changelogs are generally available for changes made after Nov 1, 2022