Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc_plcs_firmware | - |
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-592,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc_plcs_firmware | - |
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-767,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc_plcs_firmware | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | oncommand_performance_manager | - |
| netapp | vasa_provider | 6.0 |
| netapp | vasa_provider | * |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| netapp | virtual_storage_console | 6.2.2 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| redhat | satellite | 5.8 |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 10.0 |
| netapp | element_software | - |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | e-series_santricity_storage_manager | - |
| netapp | oncommand_balance | - |
| redhat | satellite | 5.8 |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | oncommand_performance_manager | - |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | e-series_santricity_os_controller | * |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| netapp | virtual_storage_console | 6.2.2 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| redhat | satellite | 5.8 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| netapp | oncommand_unified_manager | 7.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| redhat | satellite | 5.8 |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| redhat | satellite | 5.8 |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| redhat | satellite | 5.8 |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| phoenixcontact | fl_mguard_dm | 1.8.0 |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| netapp | oncommand_shift | - |
| netapp | e-series_santricity_storage_manager | - |
| netapp | oncommand_balance | - |
| oracle | jrockit | r28.3.14 |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| netapp | oncommand_unified_manager | * |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | virtual_storage_console | * |
| netapp | steelstore_cloud_integrated_storage | - |
| netapp | virtual_storage_console | 6.0 |
| oracle | jre | 1.7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| netapp | oncommand_shift | - |
| netapp | e-series_santricity_storage_manager | - |
| netapp | oncommand_balance | - |
| oracle | jrockit | r28.3.14 |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | e-series_santricity_os_controller | * |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| netapp | oncommand_unified_manager | * |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | virtual_storage_console | * |
| netapp | steelstore_cloud_integrated_storage | - |
| netapp | virtual_storage_console | 6.0 |
| oracle | jre | 1.7.0 |
| netapp | element_software | - |
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.2 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | virtual_storage_console | - |
| netapp | snapmanager | - |
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.8.0 |
| phoenixcontact | fl_mguard_dm | * |
| redhat | enterprise_linux_server_aus | 7.3 |
| netapp | oncommand_shift | - |
| redhat | enterprise_linux_eus | 7.4 |
| netapp | oncommand_balance | - |
| netapp | active_iq_unified_manager | * |
| netapp | cloud_backup | - |
| debian | debian_linux | 9.0 |
| oracle | jdk | 1.7.0 |
| netapp | vasa_provider_for_clustered_data_ontap | 6.0 |
| netapp | oncommand_performance_manager | - |
| redhat | enterprise_linux_desktop | 7.0 |
| netapp | virtual_storage_console | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | jre | 1.7.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| oracle | jre | 1.6.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| netapp | e-series_santricity_storage_manager | - |
| oracle | jrockit | r28.3.14 |
| redhat | enterprise_linux_server_tus | 7.3 |
| netapp | vasa_provider_for_clustered_data_ontap | * |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.5 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | storage_replication_adapter_for_clustered_data_ontap | 9.6 |
| debian | debian_linux | 8.0 |
| netapp | e-series_santricity_os_controller | * |
| oracle | jdk | 1.6.0 |
| netapp | oncommand_unified_manager | - |
| netapp | oncommand_insight | - |
| redhat | enterprise_linux_server_aus | 7.4 |
| netapp | oncommand_unified_manager | * |
| redhat | enterprise_linux_eus | 7.6 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | storage_replication_adapter_for_clustered_data_ontap | * |
| netapp | steelstore_cloud_integrated_storage | - |
| redhat | enterprise_linux_server | 6.0 |
| netapp | virtual_storage_console | 6.0 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_server_tus | 7.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| netapp | element_software | - |
A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions prior to 1.99, 2.20, or 2.40). The cross-site scripting vulnerability has been identified, which may allow remote code execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_comserver_bas_232_firmware | 2.40 |
| phoenixcontact | psi-modem/eth_firmware | 2.20 |
| phoenixcontact | fl_comserver_basic_485_firmware | 2.40 |
| phoenixcontact | fl_com_server_rs485_firmware | 1.99 |
| phoenixcontact | fl_comserver_uni_485_firmware | 2.40 |
| phoenixcontact | fl_comserver_uni_485-t_firmware | 2.40 |
| phoenixcontact | fl_comserver_bas_422_firmware | 2.40 |
| phoenixcontact | fl_comserver_uni_422_firmware | 2.40 |
| phoenixcontact | fl_comserver_basic_232_firmware | 2.40 |
| phoenixcontact | fl_comserver_uni_232_firmware | 2.40 |
| phoenixcontact | fl_comserver_basic_422_firmware | 2.40 |
| phoenixcontact | fl_com_server_rs232_firmware | 1.99 |
| phoenixcontact | fl_comserver_bas_485-t_firmware | 2.40 |
An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to use Monitor Mode on the device to read diagnostic information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service authentication allowing the attacker to obtain administrative privileges on the device.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-285,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default value.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-99,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | mguard_firmware | 8.4.0 |
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N | 1.1 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| intel | core_i5 | 470um |
| intel | core_i7 | 4710hq |
| intel | xeon_e3_1270_v2 | - |
| phoenixcontact | vl2_ppc_9000_firmware | - |
| oracle | solaris | 10 |
| synology | router_manager | * |
| intel | core_i5 | 2450m |
| intel | xeon_e5 | 4650 |
| intel | xeon_e3_1240_v6 | - |
| intel | atom_c | c2558 |
| intel | xeon | x3460 |
| intel | xeon | x5675 |
| intel | xeon_e7 | 4880_v2 |
| intel | core_i5 | 2540m |
| intel | xeon_e3_1240 | - |
| intel | core_i3 | 6098p |
| intel | core_i5 | 4690t |
| intel | xeon_platinum | 8164 |
| intel | xeon_e3_1278l_v4 | - |
| intel | core_i5 | 3450 |
| intel | xeon_platinum | 8176 |
| vmware | workstation | * |
| intel | xeon_e5 | 2699r_v4 |
| phoenixcontact | dl_ppc15_1000_firmware | - |
| intel | xeon_platinum | 8168 |
| intel | core_i5 | 6287u |
| intel | xeon_e3_1285_v4 | - |
| intel | core_i3 | 370m |
| intel | core_i7 | 620um |
| intel | atom_x7-e3950 | - |
| intel | xeon_platinum | 8170 |
| intel | core_i5 | 6200u |
| intel | core_i5 | 2500 |
| intel | atom_c | c3758 |
| intel | core_i3 | 3227u |
| intel | xeon_phi | 7230 |
| intel | xeon_phi | 7285 |
| intel | core_i3 | 2105 |
| intel | core_i5 | 3230m |
| intel | core_i7 | 3667u |
| intel | core_i5 | 2515e |
| intel | xeon_e5 | 4655_v4 |
| intel | xeon_silver | 4112 |
| intel | xeon | e5503 |
| intel | core_i7 | 860 |
| intel | xeon | x5677 |
| intel | xeon_e5 | 2687w_v4 |
| intel | xeon_e3_1270 | - |
| intel | core_i5 | 2410m |
| intel | core_i5 | 3439y |
| intel | xeon_e3_1240l_v3 | - |
| intel | core_i7 | 2600k |
| intel | core_i7 | 2637m |
| intel | xeon | e7530 |
| intel | xeon_e5 | 2697_v2 |
| intel | xeon_e5_2630l | - |
| canonical | ubuntu_linux | 12.04 |
| intel | core_i5 | 3427u |
| intel | xeon_e3_1245_v2 | - |
| intel | core_i3 | 2330m |
| intel | xeon_e3 | 1558l_v5 |
| intel | xeon_e3_1230l_v3 | - |
| intel | xeon_phi | 7295 |
| intel | celeron_n | n2810 |
| intel | xeon | x5670 |
| intel | core_i7 | 5700hq |
| intel | xeon_e-1105c | - |
| intel | xeon_e3_1240_v2 | - |
| intel | core_i7 | 610e |
| intel | core_i7 | 7700k |
| intel | core_i5 | 2320 |
| intel | xeon_e3_1270_v5 | - |
| intel | core_i7 | 2920xm |
| intel | core_i7 | 4720hq |
| intel | xeon_e7 | 4820 |
| intel | core_i7 | 2630qm |
| phoenixcontact | vl2_bpc_9000_firmware | - |
| intel | xeon | l5520 |
| intel | core_i7 | 4650u |
| intel | core_i7 | 4500u |
| intel | xeon_e7 | 4809_v2 |
| intel | core_i7 | 5650u |
| intel | core_i3 | 2310e |
| netapp | hci | - |
| intel | core_i7 | 4900mq |
| intel | core_i3 | 330um |
| intel | xeon_e5 | 2670 |
| siemens | simatic_winac_rtx_(f)_2010_firmware | * |
| intel | xeon_e5 | 2690 |
| intel | core_i7 | 4790s |
| intel | xeon_gold | 6154 |
| intel | core_i3 | 2357m |
| intel | core_i3 | 4370t |
| intel | xeon_e3_1290 | - |
| intel | xeon_silver | 4116t |
| intel | xeon_e5_2650_v4 | - |
| intel | celeron_n | n3050 |
| intel | xeon_e3_1290_v2 | - |
| intel | xeon | l3406 |
| intel | xeon_e3_1225_v3 | - |
| intel | atom_c | c2730 |
| intel | celeron_n | n3350 |
| intel | xeon | x5690 |
| intel | core_i5 | 3437u |
| intel | core_m | 5y70 |
| intel | xeon | l5506 |
| intel | xeon_e5 | 2667_v2 |
| intel | core_i3 | 2310m |
| intel | core_i7 | 2649m |
| intel | xeon_e7 | 4850_v2 |
| intel | xeon_e7 | 4830_v2 |
| intel | xeon_e5_2603 | - |
| intel | xeon | x3480 |
| intel | core_i7 | 3520m |
| intel | xeon_e7 | 2850_v2 |
| intel | core_m | 5y31 |
| intel | core_i3 | 2100t |
| intel | core_i3 | 4170 |
| phoenixcontact | bl_ppc17_1000_firmware | - |
| arm | cortex-a75_firmware | - |
| intel | xeon_e5_2648l_v3 | - |
| intel | xeon_gold | 6142f |
| phoenixcontact | vl_bpc_1000_firmware | - |
| intel | atom_z | z2460 |
| phoenixcontact | bl_ppc_7000_firmware | - |
| intel | core_i5 | 4310m |
| phoenixcontact | vl2_ppc_7000_firmware | - |
| intel | atom_x3 | c3445 |
| intel | celeron_j | j3060 |
| intel | xeon_e3_1275l_v3 | - |
| intel | xeon_e5 | 4607 |
| intel | core_i3 | 4030y |
| intel | xeon_e3_1260l_v5 | - |
| intel | xeon_gold | 6130t |
| intel | xeon_e7 | 4820_v2 |
| intel | xeon | e5645 |
| intel | atom_x3 | c3265rk |
| intel | xeon_gold | 6146 |
| arm | cortex-a9_firmware | - |
| intel | core_i3 | 2328m |
| intel | core_i5 | 520um |
| intel | core_i5 | 4460 |
| intel | xeon_e5 | 2667_v3 |
| intel | xeon_e5 | 4655_v3 |
| intel | core_i5 | 5575r |
| intel | xeon_e7 | 8870_v3 |
| intel | core_i5 | 580m |
| intel | xeon_e5_2438l_v3 | - |
| intel | xeon_e5_2650_v3 | - |
| intel | celeron_n | n3160 |
| intel | xeon_e5_2603_v4 | - |
| intel | core_i5 | 6300u |
| intel | xeon_e5_2450_v2 | - |
| intel | core_i3 | 6157u |
| intel | xeon_e7 | 2830 |
| arm | neoverse_n2_firmware | - |
| intel | core_i7 | 4770te |
| intel | core_i3 | 6100h |
| intel | core_i5 | 430um |
| intel | xeon_e5 | 2670_v3 |
| intel | core_i5 | 2500k |
| intel | core_i5 | 3470 |
| intel | xeon_gold | 6136 |
| intel | core_i3 | 560 |
| siemens | simatic_itc1900_pro_firmware | * |
| intel | core_i7 | 5950hq |
| intel | core_i3 | 3245 |
| intel | xeon_e5_2418l_v3 | - |
| intel | core_i3 | 4360 |
| intel | core_i5 | 4302y |
| intel | xeon_e3_1505l_v5 | - |
| phoenixcontact | el_ppc_1000_firmware | - |
| pepperl-fuchs | btc14_firmware | - |
| intel | xeon_e5 | 2667_v4 |
| intel | core_i3 | 4012y |
| intel | core_i3 | 6300 |
| intel | xeon_e5_2608l_v4 | - |
| intel | core_i7 | 990x |
| intel | core_i5 | 4670 |
| intel | atom_e | e3827 |
| intel | core_i7 | 940xm |
| intel | xeon | x3470 |
| intel | atom_z | z3775d |
| intel | atom_z | z3795 |
| intel | xeon_e7 | 8837 |
| intel | xeon_gold | 5119t |
| intel | core_i3 | 540 |
| intel | core_i3 | 3217u |
| intel | core_i5 | 2500s |
| intel | core_i5 | 4288u |
| intel | celeron_n | n3060 |
| intel | core_i7 | 4600u |
| intel | xeon_e3_1125c_v2 | - |
| intel | atom_z | z3735d |
| intel | xeon_e5 | 2680 |
| phoenixcontact | bl_bpc_3000_firmware | - |
| intel | celeron_j | j3160 |
| intel | xeon_e7 | 8870_v2 |
| intel | core_i5 | 6260u |
| intel | celeron_j | j1900 |
| intel | xeon_e5 | 4620_v4 |
| intel | xeon_e5_2637_v2 | - |
| intel | xeon_e7 | 4850_v4 |
| arm | cortex-a12_firmware | - |
| intel | core_i3 | 4030u |
| intel | xeon_e7 | 8860_v4 |
| intel | xeon_e7 | 8870_v4 |
| intel | core_i3 | 2130 |
| intel | core_i7 | 2715qe |
| intel | xeon_e5 | 4640_v4 |
| intel | pentium_n | n3510 |
| intel | core_i7 | 4950hq |
| intel | core_i5 | 2510e |
| intel | core_i7 | 4712hq |
| intel | xeon_e5 | 2695_v2 |
| oracle | local_service_management_system | 13.1 |
| intel | xeon_e7 | 4820_v4 |
| intel | core_i7 | 820qm |
| intel | xeon_e5 | 4610_v3 |
| intel | atom_z | z3745 |
| intel | pentium_n | n3530 |
| phoenixcontact | vl2_ppc9_1000_firmware | - |
| intel | xeon | l5618 |
| intel | xeon_e3 | 1578l_v5 |
| canonical | ubuntu_linux | 17.10 |
| phoenixcontact | bl2_ppc_2000_firmware | - |
| intel | core_i5 | 4430 |
| intel | core_i5 | 3340 |
| intel | atom_z | z3736f |
| intel | celeron_n | n2840 |
| intel | celeron_n | n3010 |
| intel | xeon | e5603 |
| intel | xeon_e7 | 8890_v3 |
| intel | core_i7 | 4710mq |
| intel | core_i7 | 2657m |
| intel | xeon_e5_2418l_v2 | - |
| synology | vs960hd_firmware | - |
| intel | core_i7 | 5850eq |
| intel | atom_c | c3558 |
| intel | core_i3 | 4100u |
| intel | atom_x3 | c3295rk |
| intel | xeon_e5 | 4650_v2 |
| intel | xeon_e5 | 4669_v3 |
| intel | core_i3 | 2120 |
| intel | core_i5 | 4210h |
| intel | xeon_e5 | 4610_v2 |
| intel | core_i3 | 3250t |
| intel | celeron_n | n2830 |
| intel | core_i5 | 680 |
| intel | core_i7 | 4750hq |
| intel | atom_z | z3745d |
| intel | xeon_e5_2628l_v2 | - |
| phoenixcontact | el_ppc_1000/wt_firmware | - |
| intel | xeon_e5 | 2683_v3 |
| intel | xeon_e5_2650l_v2 | - |
| intel | atom_c | c2338 |
| intel | core_i3 | 3220 |
| intel | xeon_e5_2650l | - |
| intel | core_i5 | 4430s |
| intel | xeon_e5_2630l_v2 | - |
| intel | core_i5 | 3330s |
| intel | core_i7 | 3615qe |
| opensuse | leap | 42.2 |
| intel | core_i5 | 4360u |
| intel | core_m | 5y71 |
| intel | celeron_n | n2806 |
| intel | xeon_gold | 6126 |
| intel | core_i3 | 4010y |
| phoenixcontact | dl_ppc21.5m_7000_firmware | - |
| intel | xeon_e5_2620_v2 | - |
| intel | core_i3 | 6100 |
| intel | core_i5 | 6585r |
| intel | xeon | l5609 |
| intel | xeon_e5_2630l_v4 | - |
| opensuse | leap | 42.3 |
| intel | core_m | 5y10 |
| intel | celeron_n | n4100 |
| intel | core_i5 | 3570k |
| intel | core_i7 | 8700k |
| intel | core_i5 | 4260u |
| intel | atom_c | c2758 |
| vmware | esxi | 6.0 |
| intel | xeon_e5_2640_v4 | - |
| intel | celeron_n | n2920 |
| intel | core_i7 | 4850hq |
| intel | xeon_e5_2623_v3 | - |
| intel | core_i3 | 6300t |
| intel | core_i7 | 2655le |
| intel | xeon | e5606 |
| intel | xeon_e5 | 2697a_v4 |
| intel | xeon_e5 | 2660_v2 |
| intel | core_i5 | 4570te |
| intel | core_i7 | 3632qm |
| intel | xeon_e5 | 4627_v4 |
| intel | xeon_gold | 6142 |
| intel | xeon_gold | 6144 |
| intel | xeon | w3670 |
| intel | xeon_e5 | 2658a_v3 |
| intel | core_i5 | 4330m |
| intel | xeon_e7 | 8893_v3 |
| intel | xeon_gold | 6150 |
| intel | atom_c | c3538 |
| intel | xeon_e3_1220_v6 | - |
| phoenixcontact | bl2_bpc_1000_firmware | - |
| intel | core_i5 | 3470s |
| intel | core_i5 | 8250u |
| intel | atom_z | z3460 |
| intel | atom_c | c2750 |
| intel | core_i7 | 7920hq |
| intel | xeon_e5_2407 | - |
| intel | celeron_j | j1750 |
| suse | suse_linux_enterprise_desktop | 12 |
| intel | core_i3 | 2312m |
| intel | core_i5 | 6600k |
| intel | core_i3 | 8350k |
| intel | xeon_e5 | 4640 |
| intel | core_i3 | 4360t |
| intel | xeon_e5_2648l_v2 | - |
| intel | xeon_e7 | 2820 |
| synology | skynas | - |
| intel | atom_z | z3590 |
| intel | xeon_e7 | 8891_v4 |
| intel | core_i3 | 4350 |
| intel | core_i7 | 3740qm |
| intel | core_i7 | 7820eq |
| intel | xeon_platinum | 8158 |
| intel | xeon | x3430 |
| intel | xeon_e7 | 2860 |
| intel | xeon_e3_1105c_v2 | - |
| synology | diskstation_manager | * |
| intel | core_i3 | 3250 |
| intel | xeon_e7 | 4809_v3 |
| phoenixcontact | dl_ppc18.5m_7000_firmware | - |
| arm | cortex-a78_firmware | - |
| intel | xeon_e3 | 1545m_v5 |
| intel | core_i5 | 560um |
| intel | xeon_e5_2428l_v3 | - |
| intel | xeon_e7 | 8880l_v2 |
| intel | xeon_e5_2640_v2 | - |
| intel | core_i5 | 6600 |
| intel | xeon_e3_1275 | - |
| intel | core_i3 | 2348m |
| intel | core_i7 | 8650u |
| intel | core_i7 | 3610qm |
| intel | core_i7 | 2635qm |
| intel | atom_c | c2738 |
| intel | core_i7 | 3840qm |
| intel | core_i3 | 4160 |
| intel | core_i3 | 6100te |
| intel | core_i7 | 3517u |
| intel | xeon_e7 | 4807 |
| intel | core_i3 | 380m |
| intel | core_i3 | 3240t |
| intel | core_i5 | 4278u |
| intel | core_i3 | 4100e |
| intel | core_i5 | 5250u |
| intel | xeon | x3450 |
| intel | xeon | x5570 |
| intel | core_i5 | 520m |
| intel | core_m3 | 6y30 |
| intel | xeon_e5_2428l_v2 | - |
| intel | xeon_e3_1230_v3 | - |
| intel | xeon_e3_1280 | - |
| intel | xeon_e5_1650_v3 | - |
| intel | core_i7 | 875k |
| intel | xeon_e3_1225_v2 | - |
| intel | xeon_e3_1276_v3 | - |
| intel | xeon_e5_2650_v2 | - |
| intel | core_i3 | 4330t |
| intel | core_i5 | 4460t |
| intel | core_i5 | 6300hq |
| intel | atom_c | c3708 |
| intel | xeon_e5_2620_v3 | - |
| intel | xeon | w5580 |
| intel | xeon_phi | 7210f |
| intel | core_i7 | 4610m |
| intel | core_i7 | 4700eq |
| intel | xeon_e7 | 8867_v4 |
| intel | xeon_e3_1245_v3 | - |
| intel | xeon_e5_2609 | - |
| intel | core_i3 | 3120m |
| intel | atom_x3 | c3230rk |
| intel | core_i7 | 660um |
| intel | xeon_e5_2609_v4 | - |
| intel | xeon_e5_2630l_v3 | - |
| intel | xeon | x5687 |
| intel | pentium_j | j3710 |
| intel | xeon_e5_2428l | - |
| intel | core_i7 | 3610qe |
| intel | core_i3 | 2125 |
| intel | core_i5 | 4422e |
| intel | core_i5 | 4570t |
| intel | xeon_gold | 6138 |
| intel | core_i3 | 4025u |
| intel | xeon_e5 | 2665 |
| arm | cortex-r7_firmware | - |
| intel | xeon_e3 | 1585l_v5 |
| phoenixcontact | vl_bpc_2000_firmware | - |
| intel | core_i3 | 5015u |
| intel | core_i5 | 4350u |
| intel | xeon_e3_1230_v6 | - |
| intel | core_i7 | 3630qm |
| intel | xeon_e5 | 2650l_v4 |
| intel | xeon_gold | 5120 |
| intel | celeron_n | n2808 |
| intel | xeon_e3_1285l_v3 | - |
| intel | xeon_e5 | 4603 |
| intel | core_i5 | 670 |
| intel | xeon_e5_2608l_v3 | - |
| intel | core_i7 | 950 |
| intel | core_i7 | 2600 |
| intel | core_i7 | 2710qe |
| intel | core_i7 | 2629m |
| intel | core_m5 | 6y57 |
| intel | xeon_e3_1220_v2 | - |
| intel | xeon_e5 | 4617 |
| intel | core_i3 | 3220t |
| intel | core_i3 | 8100 |
| intel | xeon | x5650 |
| intel | core_i7 | 7500u |
| intel | core_i5 | 2467m |
| phoenixcontact | bl_ppc15_7000_firmware | - |
| phoenixcontact | vl2_ppc12_1000_firmware | - |
| intel | xeon_e3_1235l_v5 | - |
| intel | xeon_e5_2408l_v3 | - |
| intel | atom_x3 | c3130 |
| intel | xeon_e7 | 4830 |
| intel | core_i3 | 4160t |
| intel | pentium_j | j4205 |
| intel | xeon | x7550 |
| intel | core_i7 | 4702mq |
| intel | xeon_e5_1680_v4 | - |
| intel | core_i3 | 6100e |
| intel | xeon_e5 | 2660_v3 |
| intel | core_i3 | 4110m |
| intel | xeon_e7 | 8890_v4 |
| intel | core_i3 | 3217ue |
| intel | celeron_n | n2807 |
| intel | core_i5 | 6400 |
| intel | atom_z | z3770 |
| intel | core_i7 | 960 |
| synology | vs360hd_firmware | - |
| intel | celeron_n | n3150 |
| intel | xeon_e5 | 4624l_v2 |
| intel | core_i7 | 4765t |
| intel | xeon_e5_2637 | - |
| intel | core_i7 | 640m |
| intel | xeon_e7 | 4870_v2 |
| intel | core_m | 5y10c |
| intel | atom_c | c2718 |
| intel | xeon_e5_2618l_v3 | - |
| intel | xeon_e5_1660 | - |
| intel | core_i5 | 2400s |
| intel | xeon_e3_1265l_v2 | - |
| arm | cortex-r8_firmware | - |
| intel | xeon_phi | 7290f |
| intel | xeon_e5_2430l | - |
| intel | core_i7 | 4760hq |
| intel | xeon_gold | 6126f |
| intel | core_i7 | 4770hq |
| intel | core_i5 | 6685r |
| intel | xeon | ec5549 |
| phoenixcontact | bl_rackmount_4u_firmware | - |
| intel | core_i5 | 4200u |
| intel | xeon_gold | 5118 |
| intel | xeon_e5_1660_v3 | - |
| vmware | fusion | * |
| intel | atom_c | c3830 |
| intel | atom_z | z3740d |
| intel | core_i3 | 4150t |
| intel | atom_z | z3735g |
| intel | core_i7 | 3612qm |
| suse | suse_linux_enterprise_server | 11 |
| intel | atom_c | c3508 |
| intel | core_i5 | 4570 |
| intel | core_i3 | 5005u |
| siemens | simatic_itc1900_firmware | * |
| intel | xeon | e5507 |
| intel | xeon_e5 | 2697_v3 |
| intel | core_i3 | 3225 |
| intel | core_i7 | 7820hk |
| intel | core_i5 | 3340s |
| intel | xeon_e5 | 2695_v4 |
| intel | core_i5 | 5300u |
| intel | celeron_n | n2910 |
| intel | xeon_e5_2628l_v4 | - |
| phoenixcontact | bl_rackmount_2u_firmware | - |
| intel | core_i5 | 4202y |
| intel | xeon_e5_2618l_v4 | - |
| intel | xeon_e3_1265l_v3 | - |
| intel | xeon | e5506 |
| intel | xeon_gold | 6126t |
| intel | xeon | e5620 |
| intel | xeon_e7 | 2880_v2 |
| intel | core_i5 | 6267u |
| intel | core_i5 | 6500te |
| intel | core_i7 | 4790k |
| intel | core_i5 | 3550 |
| intel | xeon | e5520 |
| intel | xeon_gold | 6152 |
| intel | xeon_e7 | 8880_v2 |
| intel | xeon_e3_1245_v5 | - |
| intel | xeon_e5_1620_v3 | - |
| intel | xeon_e5 | 2699_v4 |
| intel | core_i3 | 4150 |
| intel | core_i5 | 760 |
| intel | core_i5 | 4402e |
| debian | debian_linux | 8.0 |
| intel | core_i3 | 5157u |
| intel | xeon_e5_2450 | - |
| intel | xeon_silver | 4116 |
| intel | xeon | e7520 |
| intel | core_i3 | 2370m |
| intel | core_i7 | 3517ue |
| phoenixcontact | bl2_bpc_2000_firmware | - |
| intel | core_i7 | 2675qm |
| intel | core_i3 | 4170t |
| intel | xeon | e5630 |
| intel | xeon | lc5528 |
| intel | xeon_e3_1505l_v6 | - |
| intel | atom_c | c3958 |
| intel | core_i5 | 3475s |
| intel | xeon_e5_2609_v2 | - |
| intel | core_i7 | 840qm |
| intel | core_i7 | 2700k |
| intel | xeon_e5 | 4648_v3 |
| intel | atom_x3 | c3405 |
| intel | xeon_e3_1505m_v5 | - |
| intel | xeon_e5 | 2680_v2 |
| intel | xeon_e3_1286_v3 | - |
| intel | xeon_e7 | 8850 |
| intel | core_i3 | 4340 |
| intel | xeon_e5 | 4610_v4 |
| intel | core_i3 | 4120u |
| intel | core_i7 | 2617m |
| intel | core_i7 | 920 |
| intel | xeon_e3_1258l_v4 | - |
| intel | core_i7 | 3537u |
| intel | xeon_e3_1220_v5 | - |
| intel | xeon_e5 | 2670_v2 |
| intel | xeon_e7 | 2850 |
| intel | xeon_e5_2630_v3 | - |
| intel | core_i5 | 6500 |
| intel | core_i3 | 4010u |
| intel | celeron_n | n2815 |
| intel | core_i5 | 3450s |
| intel | xeon_e7 | 4809_v4 |
| phoenixcontact | bl_bpc_7001_firmware | - |
| intel | atom_z | z3735e |
| intel | xeon_e5_1660_v2 | - |
| intel | xeon_e5_2470 | - |
| intel | core_i5 | 4200y |
| intel | xeon_e5 | 4667_v4 |
| intel | core_i7 | 740qm |
| intel | xeon_gold | 6138f |
| intel | core_i5 | 4590t |
| intel | core_i5 | 3380m |
| intel | core_i7 | 4700hq |
| intel | core_i7 | 4771 |
| intel | xeon_e5 | 4650l |
| intel | core_i5 | 5287u |
| intel | xeon_e3_1230_v5 | - |
| intel | atom_c | c2350 |
| phoenixcontact | bl_ppc15_3000_firmware | - |
| intel | xeon_e7 | 4860 |
| intel | core_i7 | 4870hq |
| canonical | ubuntu_linux | 16.04 |
| intel | core_i3 | 4110e |
| intel | xeon_platinum | 8170m |
| intel | xeon_e5 | 2660 |
| intel | core_i3 | 2365m |
| intel | core_i7 | 2677m |
| intel | core_i5 | 4670k |
| phoenixcontact | vl2_ppc_1000_firmware | - |
| intel | core_i5 | 650 |
| intel | core_i5 | 4460s |
| intel | xeon_e5 | 2690_v3 |
| intel | core_i7 | 4578u |
| intel | xeon_e5 | 2687w_v3 |
| intel | xeon_e5_2448l_v2 | - |
| intel | xeon_e7 | 4830_v4 |
| intel | core_i5 | 3210m |
| intel | core_i7 | 3540m |
| intel | core_m3 | 7y32 |
| suse | suse_linux_enterprise_server | 12 |
| intel | xeon_e7 | 8867l |
| intel | core_i3 | 4005u |
| intel | core_i7 | 4600m |
| intel | xeon_platinum | 8176m |
| intel | core_i5 | 3317u |
| intel | xeon_e3_1271_v3 | - |
| intel | core_i7 | 4770r |
| intel | core_i5 | 4200h |
| intel | core_i3 | 4340te |
| arm | cortex-x1_firmware | - |
| intel | atom_c | c3950 |
| intel | xeon_e5_2643_v2 | - |
| intel | core_i7 | 4770 |
| intel | core_i5 | 2450p |
| intel | xeon_e5 | 4607_v2 |
| intel | xeon_e5_1428l_v3 | - |
| intel | core_i3 | 4100m |
| intel | xeon | e5640 |
| intel | core_i3 | 2100 |
| intel | xeon_e5 | 2660_v4 |
| intel | xeon_e7 | 4850_v3 |
| phoenixcontact | valueline_ipc_firmware | - |
| intel | core_i3 | 6102e |
| intel | atom_z | z3770d |
| intel | xeon_gold | 6142m |
| phoenixcontact | bl2_bpc_7000_firmware | - |
| intel | core_i3 | 2120t |
| phoenixcontact | bl_ppc12_1000_firmware | - |
| intel | xeon_e5_2630_v2 | - |
| intel | xeon_e3_1270_v3 | - |
| intel | core_i5 | 4590s |
| intel | core_i7 | 3770 |
| intel | xeon_e7 | 4830_v3 |
| intel | core_i5 | 8400 |
| intel | xeon_platinum | 8176f |
| intel | celeron_j | j3455 |
| intel | xeon_gold | 6134 |
| intel | xeon_gold | 6148f |
| intel | core_i3 | 3130m |
| intel | core_i5 | 2557m |
| intel | xeon_e5 | 2687w_v2 |
| intel | xeon_e3_12201_v2 | - |
| intel | xeon_e3_1245 | - |
| intel | xeon_e5 | 2699_v3 |
| intel | pentium_n | n3700 |
| intel | xeon_e5_2648l_v4 | - |
| netapp | solidfire | - |
| intel | core_i7 | 965 |
| intel | atom_z | z3736g |
| intel | core_i3 | 6006u |
| intel | atom_z | z3735f |
| intel | xeon_e5 | 2658_v4 |
| intel | core_i3 | 330e |
| intel | core_i7 | 5775c |
| intel | xeon_e3_1268l_v5 | - |
| intel | core_i7 | 620lm |
| phoenixcontact | vl_bpc_3000_firmware | - |
| intel | xeon_e5_2420_v2 | - |
| oracle | local_service_management_system | 13.2 |
| intel | core_i3 | 3229y |
| intel | core_i5 | 2400 |
| intel | xeon | e7540 |
| intel | core_i7 | 4700mq |
| intel | xeon_e7 | 8880_v4 |
| phoenixcontact | bl_bpc_2001_firmware | - |
| intel | core_i7 | 3635qm |
| intel | core_i7 | 720qm |
| arm | cortex-a8_firmware | - |
| intel | core_i5 | 6402p |
| intel | xeon_e5_2609_v3 | - |
| intel | core_i7 | 3770t |
| intel | core_i7 | 2640m |
| intel | xeon | l5640 |
| intel | xeon_e5 | 4650_v4 |
| intel | xeon_e5 | 2658_v3 |
| intel | core_i7 | 5550u |
| intel | celeron_n | n2940 |
| intel | core_i7 | 3612qe |
| intel | atom_c | c2530 |
| intel | xeon_e5_2640 | - |
| arm | cortex-a76_firmware | - |
| intel | xeon | x5647 |
| phoenixcontact | bl_ppc17_3000_firmware | - |
| intel | core_i5 | 520e |
| intel | xeon_e5_2643_v3 | - |
| intel | core_i7 | 3615qm |
| intel | xeon_e5_2643_v4 | - |
| phoenixcontact | bl2_ppc_7000_firmware | - |
| intel | xeon | e5504 |
| intel | xeon_e3_1241_v3 | - |
| intel | xeon_e5_2643 | - |
| arm | cortex-a77_firmware | - |
| intel | core_i5 | 4590 |
| intel | xeon_e3_1285_v3 | - |
| intel | xeon_e3_1280_v3 | - |
| intel | core_i3 | 2375m |
| arm | cortex-a15_firmware | - |
| intel | xeon_e3_1125c | - |
| intel | xeon_e7 | 8891_v2 |
| intel | core_i5 | 5200u |
| intel | xeon_e5_2418l | - |
| intel | xeon_e7 | 8857_v2 |
| intel | xeon_platinum | 8153 |
| intel | xeon_e3 | 1535m_v5 |
| intel | core_m | 5y51 |
| intel | core_i5 | 3340m |
| intel | xeon_e3 | 1585_v5 |
| intel | xeon_gold | 5115 |
| intel | xeon | x5680 |
| intel | xeon | x6550 |
| intel | core_i7 | 5850hq |
| phoenixcontact | vl2_bpc_3000_firmware | - |
| intel | core_i5 | 4210m |
| intel | core_i7 | 3689y |
| intel | core_i3 | 3115c |
| intel | core_i7 | 5557u |
| intel | core_i5 | 480m |
| intel | core_i5 | 3337u |
| intel | core_i5 | 4440s |
| intel | core_i7 | 7700 |
| intel | core_i7 | 4960hq |
| phoenixcontact | vl2_ppc_2000_firmware | - |
| intel | xeon_e5_1650_v4 | - |
| intel | xeon | e5502 |
| intel | atom_e | e3825 |
| intel | xeon_gold | 6140m |
| intel | core_i3 | 6167u |
| intel | xeon_phi | 7250 |
| intel | xeon_e3_1260l | - |
| phoenixcontact | bl_bpc_3001_firmware | - |
| intel | xeon_e5_2403_v2 | - |
| intel | atom_e | e3845 |
| intel | xeon_e5 | 2697_v4 |
| vmware | esxi | 6.5 |
| intel | xeon | l3426 |
| intel | xeon_platinum | 8160m |
| intel | xeon_e3_1285l_v4 | - |
| phoenixcontact | vl_ppc_2000_firmware | - |
| arm | cortex-a73_firmware | - |
| intel | core_i5 | 2537m |
| intel | core_i7 | 880 |
| intel | xeon_e3_1235 | - |
| intel | xeon_e5_2403 | - |
| intel | core_i5 | 6600t |
| intel | core_i5 | 4690 |
| intel | xeon_e3_1268l_v3 | - |
| intel | core_i7 | 3720qm |
| siemens | simatic_winac_rtx_(f)_2010_firmware | 2010 |
| intel | xeon_e5_2470_v2 | - |
| intel | core_i7 | 2610ue |
| intel | xeon_e3 | 1565l_v5 |
| intel | xeon_e5_2630_v4 | - |
| intel | atom_z | z3785 |
| intel | xeon_e3_1230_v2 | - |
| intel | xeon_e3_1246_v3 | - |
| siemens | simatic_itc1500_pro_firmware | * |
| intel | core_i5 | 4670t |
| intel | core_i3 | 2350m |
| intel | atom_c | c3338 |
| intel | core_i3 | 4102e |
| intel | xeon_e5_2628l_v3 | - |
| intel | xeon | l5638 |
| intel | core_i5 | 5257u |
| intel | atom_z | z3480 |
| intel | core_m | 5y10a |
| intel | core_i3 | 4370 |
| intel | core_i5 | 450m |
| intel | xeon_e7 | 2803 |
| intel | core_i7 | 870 |
| intel | core_i5 | 3570s |
| intel | atom_x3 | c3200rk |
| intel | xeon_e5_2620_v4 | - |
| intel | xeon_e7 | 8880l_v3 |
| intel | xeon_e5 | 4627_v3 |
| intel | xeon_e5 | 2690_v2 |
| intel | xeon_e5 | 4660_v3 |
| intel | xeon_e7 | 8860 |
| intel | core_i5 | 8600k |
| intel | core_i7 | 7700t |
| intel | core_i5 | 750 |
| intel | atom_c | c2518 |
| intel | xeon | x5660 |
| intel | atom_z | z3580 |
| intel | xeon_silver | 4109t |
| intel | core_i7 | 2620m |
| intel | xeon_e5_1620_v2 | - |
| intel | xeon_e5 | 2698_v3 |
| intel | core_i5 | 4670s |
| intel | core_i3 | 4000m |
| intel | core_i5 | 2405s |
| arm | cortex-a57_firmware | - |
| intel | core_i5 | 4670r |
| intel | xeon_e3_1226_v3 | - |
| intel | xeon_e7 | 4850 |
| intel | xeon_gold | 6138t |
| intel | xeon_e5 | 4610 |
| phoenixcontact | vl2_bpc_7000_firmware | - |
| intel | xeon_phi | 7250f |
| intel | core_i5 | 2310 |
| intel | core_i5 | 4690s |
| intel | atom_z | z2560 |
| phoenixcontact | vl2_ppc7_1000_firmware | - |
| intel | xeon_e5_1620_v4 | - |
| intel | core_i7 | 3820qm |
| intel | xeon_e7 | 8891_v3 |
| intel | xeon_e5_2430 | - |
| intel | celeron_n | n2820 |
| intel | xeon_e3_1220_v3 | - |
| intel | celeron_n | n4000 |
| intel | core_i3 | 2115c |
| intel | core_i5 | 4402ec |
| intel | xeon_e7 | 2890_v2 |
| intel | core_i5 | 3350p |
| intel | core_i5 | 3550s |
| intel | core_i3 | 5020u |
| intel | core_i5 | 4410e |
| intel | core_i7 | 4550u |
| intel | atom_c | c2316 |
| intel | xeon_e5_2620 | - |
| phoenixcontact | bl2_ppc_1000_firmware | - |
| intel | atom_c | c3850 |
| intel | xeon | e5530 |
| intel | xeon_e5_2640_v3 | - |
| intel | pentium_n | n4200 |
| intel | core_i7 | 680um |
| intel | core_i3 | 4350t |
| intel | atom_c | c2508 |
| intel | core_i3 | 5010u |
| intel | xeon_e5_1428l | - |
| intel | xeon_e7 | 2870_v2 |
| intel | core_i7 | 2960xm |
| intel | xeon_e5 | 2658_v2 |
| intel | xeon | lc5518 |
| intel | core_i7 | 920xm |
| intel | xeon_e7 | 8890_v2 |
| intel | core_i3 | 2377m |
| intel | core_i7 | 860s |
| intel | core_i5 | 2390t |
| oracle | solaris | 11.3 |
| intel | core_i7 | 970 |
| intel | core_i5 | 6440eq |
| intel | xeon_e3_1281_v3 | - |
| intel | core_i7 | 4510u |
| intel | core_i5 | 3610me |
| intel | core_i3 | 6100t |
| intel | xeon_e3_1225_v5 | - |
| arm | cortex-a72_firmware | - |
| intel | celeron_j | j4105 |
| intel | xeon_e7 | 8893_v2 |
| intel | xeon_e7 | 8894_v4 |
| intel | core_i3 | 3110m |
| intel | xeon_e5_1620 | - |
| intel | atom_c | c3308 |
| intel | core_i5 | 2380p |
| intel | atom_e | e3826 |
| intel | xeon_silver | 4114t |
| intel | core_i7 | 660ue |
| intel | core_i5 | 4340m |
| intel | xeon_e7 | 4860_v2 |
| intel | xeon | e5607 |
| intel | core_i3 | 4158u |
| intel | atom_z | z3530 |
| intel | core_i5 | 661 |
| intel | xeon_e5_1660_v4 | - |
| intel | core_i7 | 4800mq |
| pepperl-fuchs | btc12_firmware | - |
| intel | core_i7 | 870s |
| intel | core_i7 | 640um |
| intel | core_i5 | 4690k |
| intel | xeon | l7545 |
| intel | xeon | w3690 |
| intel | xeon | x5672 |
| intel | xeon | e5540 |
| intel | core_i7 | 4712mq |
| intel | xeon_phi | 7210 |
| intel | core_i7 | 2860qm |
| intel | xeon_gold | 6148 |
| intel | atom_z | z3570 |
| intel | core_i5 | 4200m |
| intel | atom_z | z2420 |
| intel | atom_x3 | c3205rk |
| intel | core_i3 | 6100u |
| intel | atom_c | c3955 |
| intel | core_i7 | 3770k |
| intel | xeon_silver | 4114 |
| intel | xeon_e5_2650 | - |
| intel | xeon_e3_1275_v6 | - |
| siemens | simatic_itc2200_pro_firmware | * |
| intel | core_i7 | 5775r |
| suse | suse_linux_enterprise_software_development_kit | 11 |
| phoenixcontact | bl_ppc_1000_firmware | - |
| intel | core_i7 | 4770k |
| intel | xeon_e3_1501m_v6 | - |
| intel | atom_z | z3740 |
| intel | core_i5 | 3339y |
| intel | core_i5 | 4250u |
| intel | xeon_e5 | 2699a_v4 |
| intel | xeon_e5_2448l | - |
| intel | core_i7 | 4980hq |
| intel | atom_c | c2308 |
| intel | pentium_n | n3520 |
| intel | xeon_e3_1275_v3 | - |
| intel | xeon_phi | 7290 |
| intel | xeon_e5 | 4657l_v2 |
| intel | core_i7 | 3687u |
| intel | xeon_e5_2430l_v2 | - |
| intel | xeon_e7 | 2870 |
| intel | xeon_e5_2440 | - |
| intel | xeon_gold | 6128 |
| intel | core_i7 | 620ue |
| intel | xeon_e5 | 4640_v2 |
| intel | xeon_bronze_3106 | - |
| intel | core_i5 | 750s |
| intel | core_i3 | 4130t |
| phoenixcontact | vl2_bpc_1000_firmware | - |
| intel | xeon_e5 | 4627_v2 |
| intel | xeon_phi | 7230f |
| intel | core_i7 | 975 |
| intel | celeron_n | n3450 |
| intel | core_i3 | 330m |
| debian | debian_linux | 9.0 |
| intel | xeon_e5_2407_v2 | - |
| intel | core_i5 | 6360u |
| intel | xeon_gold | 5122 |
| intel | core_i3 | 550 |
| intel | atom_x3 | c3235rk |
| intel | atom_z | z3775 |
| intel | core_i5 | 4400e |
| intel | xeon_gold | 5120t |
| intel | core_i5 | 2430m |
| suse | suse_linux_enterprise_software_development_kit | 12 |
| intel | core_i3 | 4330te |
| intel | core_i7 | 4558u |
| intel | xeon_e3_1225 | - |
| intel | xeon_e3_1245_v6 | - |
| intel | pentium_j | j2900 |
| intel | xeon_e5_2450l_v2 | - |
| intel | xeon_e3_1220l_v3 | - |
| intel | core_i7 | 5700eq |
| intel | core_i5 | 5675c |
| intel | xeon_e5_2630 | - |
| intel | xeon_e3_1265l_v4 | - |
| intel | xeon_e5_1680_v3 | - |
| intel | xeon_e3_1275_v2 | - |
| intel | xeon_gold | 6134m |
| phoenixcontact | vl2_ppc_3000_firmware | - |
| intel | xeon | e6510 |
| intel | core_i5 | 430m |
| intel | atom_e | e3805 |
| intel | celeron_n | n3000 |
| intel | xeon_silver | 4108 |
| intel | atom_c | c3858 |
| intel | xeon_e5 | 2683_v4 |
| intel | xeon_gold | 6130f |
| phoenixcontact | vl_ipc_p7000_firmware | - |
| intel | core_i5 | 4308u |
| intel | xeon | l5518 |
| intel | core_i5 | 460m |
| intel | celeron_n | n2805 |
| intel | xeon_platinum | 8160f |
| intel | core_i5 | 2500t |
| phoenixcontact | bl_bpc_2000_firmware | - |
| phoenixcontact | dl_ppc15m_7000_firmware | - |
| intel | core_i5 | 5675r |
| intel | core_i3 | 380um |
| intel | xeon_e5 | 4650_v3 |
| intel | atom_c | c3808 |
| intel | xeon_gold | 6130 |
| intel | xeon_e5_1630_v3 | - |
| intel | xeon_e5 | 4628l_v4 |
| intel | xeon_e5_2618l_v2 | - |
| intel | xeon_e7 | 8850_v2 |
| intel | xeon_platinum | 8160t |
| intel | core_i7 | 4770t |
| intel | core_i3 | 4020y |
| intel | xeon_e3 | 1515m_v5 |
| intel | core_i5 | 560m |
| intel | core_i5 | 3320m |
| intel | core_i7 | 980x |
| intel | atom_z | z2480 |
| phoenixcontact | bl_ppc15_1000_firmware | - |
| intel | xeon | l7555 |
| intel | core_i5 | 540m |
| intel | xeon_e5 | 2680_v3 |
| intel | xeon_gold | 6140 |
| intel | atom_c | c2538 |
| intel | core_i5 | 2435m |
| siemens | simatic_itc2200_firmware | * |
| intel | atom_c | c3750 |
| intel | core_i7 | 4810mq |
| intel | core_i3 | 3210 |
| intel | core_i7 | 980 |
| intel | core_i5 | 2550k |
| intel | xeon | x7542 |
| phoenixcontact | el_ppc_1000/m_firmware | - |
| intel | core_i3 | 4130 |
| intel | xeon_e5_2420 | - |
| intel | xeon_e7 | 8830 |
| intel | core_i7 | 2720qm |
| intel | core_i7 | 4610y |
| intel | core_i5 | 540um |
| intel | xeon | ec5509 |
| intel | xeon_e5 | 4620_v3 |
| intel | core_i7 | 930 |
| intel | core_m3 | 7y30 |
| intel | core_i5 | 4220y |
| intel | xeon | l5630 |
| intel | xeon_e7 | 8880_v3 |
| intel | xeon_e5_2603_v3 | - |
| intel | core_i5 | 4300m |
| intel | atom_x5-e3940 | - |
| intel | core_i7 | 4790t |
| intel | core_i5 | 5350h |
| intel | core_i7 | 620m |
| arm | neoverse_n1_firmware | - |
| intel | core_i5 | 8350u |
| intel | xeon_e3_1220 | - |
| intel | xeon_e5_2623_v4 | - |
| intel | xeon_e5_2650l_v3 | - |
| intel | core_i7 | 7820hq |
| siemens | simatic_itc1500_firmware | * |
| intel | xeon_e5 | 4667_v3 |
| intel | core_i5 | 6500t |
| intel | xeon | e6540 |
| intel | celeron_j | j4005 |
| intel | core_i3 | 530 |
| intel | core_i3 | 6320 |
| canonical | ubuntu_linux | 17.04 |
| intel | core_i5 | 4210u |
| intel | xeon_e5_2430_v2 | - |
| intel | xeon_e7 | 4820_v3 |
| intel | core_i7 | 7560u |
| intel | xeon_e5_2637_v3 | - |
| phoenixcontact | bl_bpc_7000_firmware | - |
| intel | pentium_j | j2850 |
| intel | core_i7 | 5600u |
| intel | xeon | w3680 |
| intel | core_i5 | 3330 |
| intel | core_i5 | 4440 |
| intel | core_i3 | 2367m |
| intel | atom_z | z2760 |
| oracle | local_service_management_system | 13.3 |
| intel | core_m5 | 6y54 |
| intel | xeon_e3_1240_v5 | - |
| intel | xeon_e5_1630_v4 | - |
| intel | xeon_e7 | 8860_v3 |
| intel | xeon_platinum | 8180 |
| intel | core_i5 | 4300y |
| intel | pentium_n | n3710 |
| intel | core_i7 | 4910mq |
| intel | xeon_platinum | 8156 |
| intel | core_i3 | 4330 |
| intel | xeon_e7 | 4870 |
| intel | core_i7 | 4785t |
| intel | xeon_e3_1286l_v3 | - |
| intel | core_i5 | 6400t |
| arm | cortex-a78ae_firmware | - |
| intel | core_i7 | 2600s |
| intel | celeron_n | n2930 |
| intel | core_i3 | 3240 |
| intel | core_i7 | 7600u |
| intel | atom_z | z2580 |
| intel | core_i5 | 4570s |
| intel | xeon_e5 | 2680_v4 |
| intel | core_i7 | 4722hq |
| intel | core_i5 | 6350hq |
| intel | xeon | w5590 |
| intel | core_i7 | 4790 |
| intel | xeon | x7560 |
| intel | xeon_e3_1270_v6 | - |
| intel | atom_c | c2516 |
| intel | core_i5 | 3360m |
| intel | xeon_e3_1225_v6 | - |
| canonical | ubuntu_linux | 14.04 |
| intel | atom_c | c2550 |
| intel | xeon_e3 | 1535m_v6 |
| intel | core_i7 | 4702ec |
| intel | xeon_e7 | 4890_v2 |
| intel | xeon_e5_1650 | - |
| phoenixcontact | bl_ppc17_7000_firmware | - |
| intel | xeon_e5 | 4660_v4 |
| intel | core_i3 | 2102 |
| intel | core_i7 | 940 |
| intel | core_i7 | 620le |
| intel | xeon_silver | 4110 |
| intel | core_i5 | 4258u |
| synology | virtual_machine_manager | * |
| intel | core_i5 | 4210y |
| intel | celeron_j | j1850 |
| intel | xeon_e5_1428l_v2 | - |
| intel | core_i3 | 2340ue |
| intel | xeon_e3_1280_v5 | - |
| intel | xeon_e5_2637_v4 | - |
| intel | xeon_e3 | 1505m_v6 |
| intel | xeon_e5_2450l | - |
| intel | core_i7 | 2760qm |
| intel | xeon_e7 | 8870 |
| intel | celeron_j | j1800 |
| intel | xeon_e5_1650_v2 | - |
| intel | core_i5 | 2520m |
| phoenixcontact | vl_ppc_3000_firmware | - |
| intel | core_i7 | 7567u |
| intel | xeon_e7 | 8893_v4 |
| intel | xeon_e7 | 8867_v3 |
| intel | xeon_e3_1240_v3 | - |
| intel | atom_x5-e3930 | - |
| intel | core_i7 | 640lm |
| intel | xeon_e5 | 4669_v4 |
| intel | core_i3 | 4112e |
| intel | xeon_e5 | 2658 |
| intel | core_i5 | 2300 |
| intel | core_i7 | 2670qm |
| intel | xeon_e5 | 2695_v3 |
| intel | core_i7 | 660lm |
| intel | pentium_n | n3540 |
| intel | xeon_e5 | 2687w |
| intel | core_i3 | 390m |
| intel | core_i5 | 3470t |
| intel | core_i7 | 4860hq |
| intel | xeon_phi | 7235 |
| phoenixcontact | vl2_bpc_2000_firmware | - |
| intel | core_i5 | 6440hq |
| intel | celeron_j | j3355 |
| intel | xeon | ec5539 |
| intel | core_i5 | 6442eq |
| intel | atom_c | c2358 |
| intel | core_i7 | 4770s |
| intel | xeon | x5550 |
| intel | xeon_e3 | 1575m_v5 |
| intel | core_i5 | 4300u |
| intel | xeon_e5 | 2690_v4 |
| intel | atom_e | e3815 |
| intel | core_i5 | 4310u |
| intel | atom_z | z3560 |
| intel | xeon_e5 | 2698_v4 |
| intel | core_i7 | 7y75 |
| intel | xeon_e3_1230 | - |
| intel | core_i5 | 655k |
| intel | xeon_e5 | 2667 |
| intel | core_i7 | 8700 |
| intel | xeon_e5 | 4620_v2 |
| vmware | esxi | 5.5.0 |
| intel | xeon_e3_1240l_v5 | - |
| intel | xeon | x3440 |
| intel | xeon_e3_12201 | - |
| intel | xeon_e3_1280_v6 | - |
| intel | xeon_e5_2603_v2 | - |
| intel | core_i5 | 5350u |
| intel | core_i7 | 7660u |
| intel | core_i3 | 2330e |
| intel | xeon_bronze_3104 | - |
| intel | core_i7 | 3770s |
| intel | core_i7 | 5500u |
| intel | xeon | e5649 |
| intel | core_i3 | 350m |
| intel | xeon_e5_2440_v2 | - |
| intel | xeon_gold | 6132 |
| intel | xeon_e3_1501l_v6 | - |
| intel | core_i3 | 3120me |
| arm | cortex-a17_firmware | - |
| intel | core_i5 | 660 |
| intel | core_i5 | 3570 |
| intel | xeon_e3_1275_v5 | - |
| intel | core_i7 | 4702hq |
| intel | xeon_e5 | 4603_v2 |
| intel | xeon | x5560 |
| intel | core_i7 | 2820qm |
| intel | xeon | x5667 |
| intel | xeon | l5530 |
| intel | xeon_e5 | 4620 |
| intel | xeon_platinum | 8160 |
| intel | xeon_e3_1280_v2 | - |
| intel | core_i7 | 7700hq |
| intel | core_i5 | 3570t |
| intel | xeon_e3_1231_v3 | - |
| intel | core_m7 | 6y75 |
| intel | core_i7 | 3555le |
| intel | core_i5 | 4570r |
| intel | core_i7 | 5750hq |
| intel | atom_z | z2520 |
| intel | xeon_e5_2648l | - |
| intel | core_i7 | 8550u |
| pepperl-fuchs | visunet_rm_shell | - |
| intel | xeon | l5508 |
| intel | xeon_e3_1285_v6 | - |
| intel | xeon_e5 | 4640_v3 |
| intel | core_i7 | 4700ec |
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728).
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-311,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_3005_firmware | * |
| phoenixcontact | fl_switch_3016e_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | * |
| phoenixcontact | fl_switch_4824e-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_st_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | * |
| phoenixcontact | fl_switch_3005t_firmware | * |
| phoenixcontact | fl_switch_3004t-fx_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | * |
| phoenixcontact | fl_switch_4008t-2sfp_firmware | * |
| phoenixcontact | fl_switch_3016t_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_lc-4gc_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm_st-4gc_firmware | * |
| phoenixcontact | fl_switch_3006t-2fx_firmware | * |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | * |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_3016_firmware | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx_sm-4gc_firmware | * |
| phoenixcontact | fl_switch_3008t_firmware | * |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | * |
| phoenixcontact | fl_switch_3008_firmware | * |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | * |
| phoenixcontact | fl_switch_4808e-16fx-4gc_firmware | * |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | * |
An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). Incorrect handling of a request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axl_f_bk_eth_firmware | * |
| phoenixcontact | axl_f_bk_eth_xc_firmware | * |
| phoenixcontact | axl_f_bk_pn_firmware | * |
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-354,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | mguard_centerport_firmware | * |
| phoenixcontact | mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | mguard_core_tx_vpn_firmware | * |
| phoenixcontact | mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | mguard_gt/gt_firmware | * |
| phoenixcontact | mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | mguard_smart2_firmware | * |
| phoenixcontact | mguard_delta_tx/tx_firmware | * |
| phoenixcontact | mguard_pci4000_vpn_firmware | * |
| phoenixcontact | mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | mguard_rs4000_tx/tx_vpn-m_firmware | * |
| phoenixcontact | mguard_smart2_vpn_firmware | * |
| phoenixcontact | mguard_rs4000_4g_vpn_firmware | * |
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| abb | pm554-tp-eth_firmware | - |
| siemens | 6es7211-1ae40-0xb0_firmware | - |
| siemens | 6ed1052-1cc01-0ba8_firmware | - |
| phoenixcontact | ilc_151_eth_firmware | - |
| wago | knx_ip_firmware | - |
| wago | pfc100_firmware | - |
| wago | ethernet_firmware | - |
| schneider-electric | modicon_m221_firmware | * |
| wago | bacnet/ip_firmware | - |
| siemens | 6es7314-6eh04-0ab0_firmware | - |
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axc_f_2152_starterkit_firmware | * |
| phoenixcontact | axc_f_2152_firmware | * |
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunity.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axc_f_2152_starterkit_firmware | * |
| phoenixcontact | axc_f_2152_firmware | * |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-Of-Bounds Read, Information Disclosure, and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | automationworx_software_suite | * |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | automationworx_software_suite | * |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to a Use-After-Free and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | automationworx_software_suite | * |
An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-of-bounds Read and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project to be able to manipulate data inside. After manipulation, the attacker needs to exchange the original files with the manipulated ones on the application programming workstation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | config+ | * |
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L | 2.8 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc_151_eth/xc_firmware | - |
| phoenixcontact | ilc_151_eth_firmware | - |
| phoenixcontact | axc_1050_firmware | - |
| phoenixcontact | ilc_171_eth_2tx_firmware | - |
| phoenixcontact | ilc_191_eth_2tx_firmware | - |
| phoenixcontact | ilc_131_eth_firmware | - |
| phoenixcontact | ilc_131_eth/xc_firmware | - |
| phoenixcontact | ilc_191_me/an_firmware | - |
An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. Command injection can occur in the WebHMI component.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | rad-80211-xd/hp-bus_firmware | - |
| phoenixcontact | rad-80211-xd_firmware | - |
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user, because this IP address is used as a session identifier.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-384,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_smn_8tx_firmware | - |
| phoenixcontact | fl_nat_smn_8tx-m-dmg_firmware | - |
| phoenixcontact | fl_nat_smcs_8tx_firmware | - |
| phoenixcontact | fl_nat_smn_8tx-m_firmware | - |
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | pc_worx_srt | * |
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | portico_server_4_client | * |
| phoenixcontact | portico_server_16_client | * |
| phoenixcontact | portico_server_1_client | * |
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-121,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-121,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an improper path sanitation vulnerability exists on import of project files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | plcnext_engineer | * |
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | plcnext_firmware | * |
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | plcnext_firmware | * |
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | plcnext_firmware | * |
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | plcnext_firmware | * |
On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
| info@cert.vde.com | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 2.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-909,CWE-909,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | innominate_mguard_rs4000_4tx/tx_vpn_firmware | * |
| phoenixcontact | innominate_mguard_rs4000_4tx/3g/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | - |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | innominate_mguard_rs4000_4tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | btp_2043w_firmware | * |
| phoenixcontact | btp_2102w_firmware | * |
| phoenixcontact | btp_2070w_firmware | * |
An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.4 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H | 3.9 | 5.5 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc_2050_bi-l_firmware | * |
| phoenixcontact | ilc_2050_bi_firmware | * |
PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. Impersonation, man-in-the-middle, or passive decryption attacks are possible if the generic certificate is not replaced by a device-specific certificate during installation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | tc_router_3002t-4g_att_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_firmware | * |
| phoenixcontact | tc_cloud_client_1002-txtx_firmware | * |
| phoenixcontact | tc_router_3002t-4g_vzw_firmware | * |
| phoenixcontact | tc_router_2002t-3g_firmware | * |
| phoenixcontact | tc_router_3002t-4g_firmware | * |
PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices allow authenticated users to inject system commands through a modified POST request to a specific URL.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | tc_router_3002t-4g_att_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_firmware | * |
| phoenixcontact | tc_cloud_client_1002-txtx_firmware | * |
| phoenixcontact | tc_router_3002t-4g_vzw_firmware | * |
| phoenixcontact | tc_router_2002t-3g_firmware | * |
| phoenixcontact | tc_router_3002t-4g_firmware | * |
In Phoenix Contact FL COMSERVER UNI in versions < 2.40 a invalid Modbus exception response can lead to a temporary denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-772,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_comserver_uni_232/422/485-t_firmware | * |
| phoenixcontact | fl_comserver_uni_232/422/485_firmware | * |
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services. The switching functionality of the device is not affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
| info@cert.vde.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-404,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_smcs_14tx/2fx_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_6tx/2sfp_firmware | * |
| phoenixcontact | fl_switch_smcs_14tx/2fx-sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_8gt_firmware | * |
| phoenixcontact | fl_nat_smn_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_4tx-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2pof-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_firmware | * |
| phoenixcontact | fl_nat_smn_8tx-m_firmware | * |
| phoenixcontact | fl_switch_smcs_16tx_firmware | * |
| phoenixcontact | fl_switch_smn_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_6gt/2sfp_firmware | * |
In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| info@cert.vde.com | 7.4 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N | 2.1 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_smcs_14tx/2fx_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_6tx/2sfp_firmware | * |
| phoenixcontact | fl_switch_smcs_14tx/2fx-sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_8gt_firmware | * |
| phoenixcontact | fl_nat_smn_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_4tx-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2pof-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_firmware | * |
| phoenixcontact | fl_nat_smn_8tx-m_firmware | * |
| phoenixcontact | fl_switch_smcs_16tx_firmware | * |
| phoenixcontact | fl_switch_smn_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_6gt/2sfp_firmware | * |
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_smcs_14tx/2fx_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_6tx/2sfp_firmware | * |
| phoenixcontact | fl_switch_smcs_14tx/2fx-sm_firmware | * |
| phoenixcontact | fl_switch_smcs_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_8gt_firmware | * |
| phoenixcontact | fl_nat_smn_8tx_firmware | * |
| phoenixcontact | fl_switch_smcs_4tx-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2pof-pn_firmware | * |
| phoenixcontact | fl_switch_smn_6tx/2fx_firmware | * |
| phoenixcontact | fl_nat_smn_8tx-m_firmware | * |
| phoenixcontact | fl_switch_smcs_16tx_firmware | * |
| phoenixcontact | fl_switch_smn_8tx-pn_firmware | * |
| phoenixcontact | fl_switch_smcs_6gt/2sfp_firmware | * |
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | il_eth_bk_di8_do4_2tx-xc-pac_firmware | * |
| phoenixcontact | il_pn_bk_di8_do4_2tx-pac_firmware | * |
| phoenixcontact | axl_f_bk_eth_xc_firmware | * |
| phoenixcontact | axl_f_bk_s35_firmware | * |
| phoenixcontact | axl_f_bk_pn_xc_firmware | * |
| phoenixcontact | il_s3_bk_di8_do4_2tx-pac_firmware | * |
| phoenixcontact | axl_f_bk_eip_firmware | * |
| phoenixcontact | axl_f_bk_sas_firmware | * |
| phoenixcontact | axl_f_bk_pn_tps_firmware | * |
| phoenixcontact | axl_f_bk_eth_firmware | * |
| phoenixcontact | il_eip_bk_di8_do4_2tx-pac_firmware | * |
| phoenixcontact | il_eth_bk_di8_do4_2tx-pac_firmware | * |
| phoenixcontact | il_pn_bk-pac_firmware | * |
| phoenixcontact | axl_f_bk_pn_tps_xc_firmware | * |
| phoenixcontact | il_pn_bk_di8_do4_2scrj-pac_firmware | * |
| phoenixcontact | axl_f_bk_eth_net2_firmware | * |
| phoenixcontact | axl_f_bk_eip_ef_firmware | * |
| phoenixcontact | axl_f_bk_pn_firmware | * |
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of service on the PLC's network communication module. A successful attack stops all network communication. To restore the network connectivity the device needs to be restarted. The automation task is not affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc1x0_firmware | * |
| phoenixcontact | ilc1x1_firmware | * |
Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialized data. The attacker needs to get access to an original bus configuration file (*.bcp) to be able to manipulate data inside. After manipulation the attacker needs to exchange the original file by the manipulated one on the application programming workstation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities. Automated systems in operation which were programmed with one of the above-mentioned products are not affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-824,CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | config+ | * |
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through special crafted JSON requests.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axc_f_3152_firmware | * |
| phoenixcontact | axc_f_1152_firmware | * |
| phoenixcontact | plcnext_technology_starterkit_firmware | * |
| phoenixcontact | axc_f_2152_starterkit_firmware | * |
| phoenixcontact | axc_f_2152_firmware | * |
| phoenixcontact | rfc_4072s_firmware | * |
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (“ATV profiles”). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_dm | 1.13.0 |
| phoenixcontact | fl_mguard_dm | 1.12.0 |
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
| info@cert.vde.com | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_1102_firmware | 1.4.0 |
| phoenixcontact | fl_mguard_1105_firmware | 1.4.1 |
| phoenixcontact | fl_mguard_1102_firmware | 1.4.1 |
| phoenixcontact | fl_mguard_1105_firmware | 1.5.0 |
| phoenixcontact | fl_mguard_1102_firmware | 1.5.0 |
| phoenixcontact | fl_mguard_1105_firmware | 1.4.0 |
Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-401,CWE-401,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_1102_firmware | 1.4.0 |
| phoenixcontact | fl_mguard_1105_firmware | 1.4.1 |
| phoenixcontact | fl_mguard_1102_firmware | 1.4.1 |
| phoenixcontact | fl_mguard_1105_firmware | 1.5.0 |
| phoenixcontact | fl_mguard_1102_firmware | 1.5.0 |
| phoenixcontact | fl_mguard_1105_firmware | 1.4.0 |
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_switch_2214-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2506-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2208c_firmware | 3.00 |
| phoenixcontact | fl_switch_2205_firmware | 3.00 |
| phoenixcontact | fl_switch_2314-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | 3.00 |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2508_firmware | 3.00 |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2508_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2516_firmware | 3.00 |
| phoenixcontact | fl_switch_2216_firmware | 3.00 |
| phoenixcontact | fl_switch_2406-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2005_firmware | 3.00 |
| phoenixcontact | fl_switch_2008_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | 3.00 |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2708_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2516_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2316_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2514-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2208_firmware | 3.00 |
| phoenixcontact | fl_switch_2108_firmware | 3.00 |
| phoenixcontact | fl_switch_2308_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2008f_firmware | 3.00 |
| phoenixcontact | fl_switch_2416_firmware | 3.00 |
| phoenixcontact | fl_switch_2608_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2214-2fx_firmware | 3.00 |
| phoenixcontact | fl_switch_2206c-2fx_firmware | 3.00 |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | 3.00 |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2316/k1_firmware | 3.00 |
| phoenixcontact | fl_switch_2508/k1_firmware | 3.00 |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | 3.00 |
| phoenixcontact | fl_switch_2016_firmware | 3.00 |
| phoenixcontact | fl_switch_2408_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2216_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2308_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | 3.00 |
| phoenixcontact | fl_switch_2116_firmware | 3.00 |
| phoenixcontact | fl_switch_2207-fx_firmware | 3.00 |
| phoenixcontact | fl_switch_2416_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | 3.00 |
| phoenixcontact | fl_switch_2708_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2414-2sfx_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2208_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | 3.00 |
| phoenixcontact | fl_switch_2408_firmware | 3.00 |
| phoenixcontact | fl_switch_2105_firmware | 3.00 |
| phoenixcontact | fl_switch_2206-2fx_firmware | 3.00 |
| phoenixcontact | fl_switch_2316_firmware | 3.00 |
| phoenixcontact | fl_switch_2306-2sfp_firmware | 3.00 |
| phoenixcontact | fl_switch_2608_firmware | 3.00 |
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the traceroute utility integrated in the WebUI to execute arbitrary code with root privileges on the OS due to an improper input validation in all versions of the firmware.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | rad-ism-900-en-bd/b_firmware | * |
| phoenixcontact | rad-ism-900-en-bd-bus_firmware | * |
| phoenixcontact | rad-ism-900-en-bd_firmware | * |
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS due to an improper validation of an integrity check value in all versions of the firmware.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-354,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | rad-ism-900-en-bd/b_firmware | * |
| phoenixcontact | rad-ism-900-en-bd-bus_firmware | * |
| phoenixcontact | rad-ism-900-en-bd_firmware | * |
An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc1x0_firmware | * |
| phoenixcontact | ilc_3xx_firmware | * |
| phoenixcontact | ilc1x1_firmware | * |
| phoenixcontact | pc_worx_rt_basic_firmware | * |
| phoenixcontact | rfc_480s_pn_4tx_firmware | * |
| phoenixcontact | rfc_470_pn_3tx_firmware | * |
| phoenixcontact | rfc_460r_pn_3tx-s_firmware | * |
| phoenixcontact | fc_350_pci_eth_firmware | * |
| phoenixcontact | axc_1050_firmware | * |
| phoenixcontact | pc_worx_srt_firmware | * |
| phoenixcontact | axc_1050_xc_firmware | * |
| phoenixcontact | rfc_430_eth-ib_firmware | * |
| phoenixcontact | rfc_450_eth-ib_firmware | * |
| phoenixcontact | ilc_1x1_gsm/gprs_firmware | * |
| phoenixcontact | rfc_470s_pn_3tx_firmware | * |
| phoenixcontact | axc_3050_firmware | * |
| phoenixcontact | rfc_460r_pn_3tx_firmware | * |
An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | proconos | * |
| phoenixcontact-software | proconos_eclr | - |
| phoenixcontact | multiprog | * |
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | automationworx_software_suite | 1.89 |
A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | automationworx_software_suite | 1.89 |
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to upload arbitrary malicious code and gain full access on the affected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | multiprog | * |
| phoenixcontact | proconos_eclr | * |
In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | smartrtu_axc_sg_firmware | * |
| phoenixcontact | infobox_firmware | * |
| phoenixcontact | smartrtu_axc_ig_firmware | * |
| phoenixcontact | energy_axc_pu | * |
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an unauthenticated remote attacker could use a reflective XSS within the license viewer page of the devices in order to execute code in the context of the user's browser.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.6 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | 2.8 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | cloud_client_1101t-tx_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_vzw_firmware | * |
| phoenixcontact | tc_router_3002t-4g_att_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_firmware | * |
| phoenixcontact | tc_router_3002t-4g_vzw_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_att_firmware | * |
| phoenixcontact | tc_router_3002t-4g_firmware | * |
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 an authenticated remote attacker with admin privileges could upload a crafted XML file which causes a denial-of-service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.9 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 1.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | cloud_client_1101t-tx_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_vzw_firmware | * |
| phoenixcontact | tc_router_3002t-4g_att_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_firmware | * |
| phoenixcontact | tc_router_3002t-4g_vzw_firmware | * |
| phoenixcontact | tc_cloud_client_1002-4g_att_firmware | * |
| phoenixcontact | tc_router_3002t-4g_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP DELETE request to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a specific HTTP POST releated to certificate operations to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 3.8 | LOW | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N | 1.2 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 3.8 | LOW | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N | 1.2 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 3.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated remote attacker can execute code with root permissions with a specially crafted HTTP POST when uploading a certificate to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with SNMPv2 write privileges may use an a special SNMP request to gain full access to the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | wp_6185-whps_firmware | * |
| phoenixcontact | wp_6156-whps_firmware | * |
| phoenixcontact | wp_6215-whps_firmware | * |
| phoenixcontact | wp_6070-wvps_firmware | * |
| phoenixcontact | wp_6121-wxps_firmware | * |
| phoenixcontact | wp_6101-wxps_firmware | * |
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| trumpf | tubedesign | * |
| phoenixcontact | fl_network_manager | * |
| trumpf | trutopsfab_storage_smallstore | * |
| phoenixcontact | e-mobility_charging_suite | * |
| trumpf | trutopsprintmultilaserassistant | * |
| phoenixcontact | plcnext_engineer | * |
| trumpf | trutopsweld | * |
| phoenixcontact | iol-conf | * |
| trumpf | trutops | * |
| trumpf | topscalculation | * |
| phoenixcontact | module_type_package_designer | * |
| trumpf | teczonebend | * |
| trumpf | trumpflicenseexpert | * |
| trumpf | programmingtube | * |
| trumpf | tops_unfold | 05.03.00.00 |
| phoenixcontact | activation_wizard | * |
| trumpf | trutops_cell_classic | * |
| trumpf | trutopsboost | * |
| wibu | codemeter_runtime | * |
| trumpf | trutopsfab | * |
| trumpf | trutops_mark_3d | * |
| trumpf | oseon | * |
| phoenixcontact | module_type_package_designer | 1.2.0 |
| trumpf | trutops_cell_sw48 | * |
| trumpf | trutopsprint | * |
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc1x0_firmware | * |
| phoenixcontact | ilc_3xx_firmware | * |
| phoenixcontact | pc_worx_srt | * |
| phoenixcontact | config+ | * |
| phoenixcontact | ilc1x1_firmware | * |
| phoenixcontact | pc_worx_rt_basic_firmware | * |
| phoenixcontact | rfc_480s_pn_4tx_firmware | * |
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
| phoenixcontact | fc_350_pci_eth_firmware | * |
| phoenixcontact | axc_1050_firmware | * |
| phoenixcontact | axc_1050_xc_firmware | * |
| phoenixcontact | rfc_430_eth-ib_firmware | * |
| phoenixcontact | rfc_450_eth-ib_firmware | * |
| phoenixcontact | rfc_470s_pn_3tx_firmware | * |
| phoenixcontact | axc_3050_firmware | * |
| phoenixcontact | rfc_460r_pn_3tx_firmware | * |
| phoenixcontact | automationworx_software_suite | * |
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axc_f_3152_firmware | * |
| phoenixcontact | plcnext_engineer | * |
| phoenixcontact | axc_f_1152_firmware | * |
| phoenixcontact | epc_1502_firmware | * |
| phoenixcontact | epc_1522_firmware | * |
| phoenixcontact | axc_f_2152_firmware | * |
| phoenixcontact | rfc_4072r_firmware | * |
| phoenixcontact | bpc_9102s_firmware | * |
| phoenixcontact | rfc_4072s_firmware | * |
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | ilc1x0_firmware | * |
| phoenixcontact | ilc_3xx_firmware | * |
| phoenixcontact | pc_worx_srt | * |
| phoenixcontact | config+ | * |
| phoenixcontact | ilc1x1_firmware | * |
| phoenixcontact | pc_worx_rt_basic_firmware | * |
| phoenixcontact | rfc_480s_pn_4tx_firmware | * |
| phoenixcontact | pc_worx | * |
| phoenixcontact | pc_worx_express | * |
| phoenixcontact | fc_350_pci_eth_firmware | * |
| phoenixcontact | axc_1050_firmware | * |
| phoenixcontact | axc_1050_xc_firmware | * |
| phoenixcontact | rfc_430_eth-ib_firmware | * |
| phoenixcontact | rfc_450_eth-ib_firmware | * |
| phoenixcontact | rfc_470s_pn_3tx_firmware | * |
| phoenixcontact | axc_3050_firmware | * |
| phoenixcontact | rfc_460r_pn_3tx_firmware | * |
| phoenixcontact | automationworx_software_suite | * |
A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| info@cert.vde.com | 7.7 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N | 3.1 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | axc_f_3152_firmware | * |
| phoenixcontact | plcnext_engineer | * |
| phoenixcontact | axc_f_1152_firmware | * |
| phoenixcontact | epc_1502_firmware | * |
| phoenixcontact | epc_1522_firmware | * |
| phoenixcontact | axc_f_2152_firmware | * |
| phoenixcontact | rfc_4072r_firmware | * |
| phoenixcontact | bpc_9102s_firmware | * |
| phoenixcontact | rfc_4072s_firmware | * |
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to download and execute applications without integrity checks on the device which may result in a complete loss of integrity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | multiprog | * |
| phoenixcontact | proconos_eclr | * |
An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can perform a log injection due to improper input validation. Only a certain log file is affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.2 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.2 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.7 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N | 2.2 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as only non-sensitive information can be obtained but the availability can be seriously affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.2 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.0 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N | 3.1 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_mguard_core_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_4302_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx_firmware | * |
| phoenixcontact | fl_mguard_rs4004_tx/dtx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pci4000_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_4102_pci_firmware | * |
| phoenixcontact | fl_mguard_4305_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-m_firmware | * |
| phoenixcontact | tc_mguard_rs4000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_att_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vzw_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2000_tx/tx-b_firmware | * |
| phoenixcontact | fl_mguard_2105_firmware | * |
| phoenixcontact | fl_mguard_4102_pcie_firmware | * |
| phoenixcontact | fl_mguard_smart2_firmware | * |
| phoenixcontact | fl_mguard_2102_firmware | * |
| phoenixcontact | fl_mguard_rs4000_tx/tx-p_firmware | * |
| phoenixcontact | fl_mguard_smart2_vpn_firmware | * |
| phoenixcontact | fl_mguard_core_tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_4g_att_vpn_firmware | * |
| phoenixcontact | fl_mguard_gt/gt_vpn_firmware | * |
| phoenixcontact | fl_mguard_rs2005_tx_vpn_firmware | * |
| phoenixcontact | fl_mguard_pcie4000_firmware | * |
| phoenixcontact | fl_mguard_centerport_vpn-1000_firmware | * |
| phoenixcontact | fl_mguard_pci4000_vpn_firmware | * |
| phoenixcontact | fl_mguard_delta_tx/tx_firmware | * |
| phoenixcontact | tc_mguard_rs2000_3g_vpn_firmware | * |
| phoenixcontact | tc_mguard_rs4000_4g_vpn_firmware | * |
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 3.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A physical attacker with access to the device display via USB-C can send a message to the device which triggers an unsecure copy to a buffer resulting in loss of integrity and a temporary denial-of-service for the stations until they got restarted by the watchdog.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 5.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L | 0.9 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
An unauthenticated adjacent attacker is able to configure a new OCPP backend, due to insecure defaults for the configuration interface.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | charx_sec-3000_firmware | * |
| phoenixcontact | charx_sec-3100_firmware | * |
| phoenixcontact | charx_sec-3150_firmware | * |
| phoenixcontact | charx_sec-3050_firmware | * |
A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 2.3 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
A low privileged remote attacker can use the ssh feature to execute commands directly after login. The process stays open and uses resources which leads to a reduced performance of the management functions. Switching functionality is not affected.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
A low privileged remote attacker can run the webshell with an empty command containing whitespace. The server will then block until it receives more data, resulting in a DoS condition of the websserver.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain read access to parts of the filesystem of the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-41692.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |
An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management (WBM). The vulnerability does not provide access to system-level resources such as operating system internals or privileged functions. Access is limited to device configuration parameters that are available in the context of the web application. The session cookie is secured by the httpOnly Flag. Therefore an attacker is not able to take over the session of an authenticated user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| info@cert.vde.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| phoenixcontact | fl_nat_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2508_firmware | * |
| phoenixcontact | fl_switch_2207-fx_sm_firmware | * |
| phoenixcontact | fl_switch_2208c_firmware | * |
| phoenixcontact | fl_nat_2208_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_st_firmware | * |
| phoenixcontact | fl_switch_2504-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2208_pn_firmware | * |
| phoenixcontact | fl_switch_2304-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_firmware | * |
| phoenixcontact | fl_switch_2316/k1_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2408_pn_firmware | * |
| phoenixcontact | fl_switch_2008f_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_st_firmware | * |
| phoenixcontact | fl_switch_2308_pn_firmware | * |
| phoenixcontact | fl_switch_2207-fx_firmware | * |
| phoenixcontact | fl_switch_2514-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2312-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2205_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_firmware | * |
| phoenixcontact | fl_switch_2212-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2206c-2fx_firmware | * |
| phoenixcontact | fl_switch_2108_firmware | * |
| phoenixcontact | fl_nat_2008_firmware | * |
| phoenixcontact | fl_switch_2216_pn_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2508_pn_firmware | * |
| phoenixcontact | fl_switch_2512-2gc-2sfp_firmware | * |
| phoenixcontact | fl_switch_2204-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2608_firmware | * |
| phoenixcontact | fl_switch_2308_firmware | * |
| phoenixcontact | fl_switch_2016_firmware | * |
| phoenixcontact | fl_switch_2508/k1_firmware | * |
| phoenixcontact | fl_switch_2416_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_pn_firmware | * |
| phoenixcontact | fl_switch_2316_firmware | * |
| phoenixcontact | fl_switch_2214-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2008_firmware | * |
| phoenixcontact | fl_switch_2206-2sfx_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_firmware | * |
| phoenixcontact | fl_switch_2303-8sp1 | * |
| phoenixcontact | fl_switch_2116_firmware | * |
| phoenixcontact | fl_switch_2005_firmware | * |
| phoenixcontact | fl_switch_2416_firmware | * |
| phoenixcontact | fl_switch_2214-2sfx_firmware | * |
| phoenixcontact | fl_switch_2105_firmware | * |
| phoenixcontact | fl_switch_2208_firmware | * |
| phoenixcontact | fl_switch_2414-2sfx_firmware | * |
| phoenixcontact | fl_switch_2314-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2516_pn_firmware | * |
| phoenixcontact | fl_switch_2708_pn_firmware | * |
| phoenixcontact | fl_switch_2708_firmware | * |
| phoenixcontact | fl_switch_2206-2fx_sm_firmware | * |
| phoenixcontact | fl_switch_2216_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp/k1_firmware | * |
| phoenixcontact | fl_switch_2408_firmware | * |
| phoenixcontact | fl_switch_2412-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2404-2tc-2sfx_firmware | * |
| phoenixcontact | fl_switch_2516_firmware | * |
| phoenixcontact | fl_switch_2316_pn_firmware | * |
| phoenixcontact | fl_switch_2608_pn_firmware | * |
| phoenixcontact | fl_switch_2306-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2506-2sfp_pn_firmware | * |
| phoenixcontact | fl_switch_2406-2sfx_firmware | * |