Charx sec-3100

This hub aggregates every CVE we track for Charx sec-3100, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Charx sec-3100.

• CVE-2026-41032Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers7.5Jun 3, 2026
• CVE-2025-41699Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers8.8Oct 14, 2025
• CVE-2025-25271OCPP Backend Configuration via Insecure Defaults8.8Jul 8, 2025
• CVE-2025-25270Remote Code Execution via Unauthenticated Configuration Manipulation9.8Jul 8, 2025
• CVE-2025-25269Local Privilege Escalation via Unauthenticated Command Injection8.4Jul 8, 2025
• CVE-2025-25268Unauthenticated Configuration Access via Exposed API Endpoint8.8Jul 8, 2025
• CVE-2025-24006Privilege Escalation via Insecure SSH Permissions7.8Jul 8, 2025
• CVE-2025-24005Local Privilege Escalation via Vulnerable SSH Script7.8Jul 8, 2025
• CVE-2025-24004USB-C Buffer Overflow via Display Interface in EV Charging Stations5.2Jul 8, 2025
• CVE-2025-24003MQTT OOB Write Vulnerability in EichrechtAgents of German EV Charging Stations8.2Jul 8, 2025
• CVE-2025-24002MQTT DoS Vulnerability in German EV Charging Stations5.3Jul 8, 2025
• CVE-2024-11497Phoenix Contact: CHARX-SEC3xxx Charge controllers vulnerable to privilege escalation8.8Jan 14, 2025
• CVE-2024-6788Phoenix Contact: update feature from CHARX controller can be used to reset a low privilege user password8.6Aug 13, 2024
• CVE-2024-28137PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series 7.8May 14, 2024
• CVE-2024-28136PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service7.8May 14, 2024