News

Dangerous vulnerabilities detected in Phoenix Contact hardware

A number of vulnerabilities have been discovered in Phoenix Contact industrial solutions that allow unauthorized access to configuration of devices, decrypt passwords, cause a denial of service, or bypass authentication.

In particular, problems affect industrial switches Phoenix Contact FL NAT SMx and controllers Phoenix Contact PLCNext AXC F 2152.

Phoenix Contact FL NAT SMx Solution contains a vulnerability (CVE-2019-9744) that allows an unauthorized user to access device settings.

The problem affects the following models: FL NAT SMN 8TX-M (2702443), FL NAT SMN 8TX-M-DMG (2989352), FL NAT SMN 8TX (2989365), and FL NAT SMCS 8TX (2989378). The severity of vulnerability is estimated as 8.8 points in the CVSS v3 scale.

The Phoenix Contact PLCNext AXC F 2152 solution revealed three vulnerabilities (CVE-2018-7559, CVE-2019-10998, CVE-2019-10997).

Using the first, attacker can decrypt the password set on the server.

Vulnerability CVE-2019-10998 allows bypassing device authentication mechanism (for a successful attack, an attacker will need physical access to the device).

By exploiting a third vulnerability, an attacker in “man in the middle” position can cause a malfunction in the PLC. Vulnerabilities affect following products: AXC F 2152-2404267 and AXC F 2152-1046568 (Starterkit).

Read also: About 5.5% of detected vulnerabilities used for implementation real attacks

Currently, no exploitation of the above vulnerabilities has been identified.

Phoenix Contact recommends that you have a firewall.

Source: https://ics-cert.us-cert.gov

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

View Comments

Recent Posts

Remove Kabatibly.co.in pop-up ads (Virus Removal Guide)

Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…

15 hours ago

Remove Reditarcet.co.in pop-up ads (Virus Removal Guide)

Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…

15 hours ago

Remove Everestpeak.top pop-up ads (Virus Removal Guide)

Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…

19 hours ago

Remove Firm-jawed.yachts pop-up ads (Virus Removal Guide)

Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…

19 hours ago

Remove Anapurnatop.top pop-up ads (Virus Removal Guide)

Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…

20 hours ago

Remove Boomira pop-up ads (Virus Removal Guide)

Boomira.com is a domain that tries to force you into clik to its browser notifications…

20 hours ago