Summary
Incorrect handling request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.
Impact
The device stops responding to any network or local port, consequently shutting down this part of the automation system. The bus coupler needs to be restarted by disconnecting the power supply.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| 2688459 | AXL F BK ETH | Firmware <=1.12 |
| 2701949 | AXL F BK ETH XC | Firmware <=1.11 |
| 2701815 | AXL F BK PN | Firmware <=1.0.4 |
Vulnerabilities
Expand / Collapse allAn issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). Incorrect handling of a request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.
Mitigation
Customers using affected Phoenix Contact AXL F BK are recommended to operate the devices in closed networks or protected with a suitable firewall.
For detailed information on our recommendations for measures to protect network-cabable devices, please refer to our application note:
www.phoenixcontact.com/assets/downloa...
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 09/21/2018 09:03 | Initial revision. |