The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote attacker can send a crafted websocket message to trigger the issue without affecting the core functionality.
https://www.securityweek.com/vulnerabilities-allow-disruption-of-phoenix-contact-ups-devices/