[Control Systems] Phoenix Contact Security Advisory (AV26-514)

Serial number: AV26-514
Date: May 27, 2026

On May 27, 2026, Phoenix Contact published a security advisory to address vulnerabilities in the following products:

• AXC F – multiple models and versions prior to 2026.0.3
• BCP 9102S – versions prior to 2026.0.3
• EPC 1522 – versions prior to 2026.0.3
• RFC 4072R – versions prior to 2026.0.3
• RFC 4072S – versions prior to 2026.0.3
• VL3 UPC 2440 EDGE – versions prior to 2026.0.3
• VPLCNEXT CONTROL – multiple models and versions prior to 2026.0.3

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, once available.

• VDE-2026-050: Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files (PDF)
• Phoenix Contact Security Advisories