PHOENIX CONTACT: improper access control exists on FL NAT devices when using MAC-based port security

If MAC-based port security or 802.1x port security is enabled, the FL NAT 2xxx will unintentionally grant access to unauthorized devices in case of routed transmission.

Subnet 2---(Ports belonging to subnet 2)
                  |
             FL NAT 2xxx
                  |
            (Ports belonging to subnet 1, port sec ON)---- 2nd device
                                                        |
                                                        -- unauthorized device

The unauthorized device can access other devices in subnet 2 but cannot access the 2nd device in subnet 1


CVE-2019-18352: 8.2

PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite

Manipulated PC Worx or Config+ projects could lead to a remote code execution due to
insufficient input data validation.
The attacker needs to get access to an original PC Worx or Config+ project to be able to
manipulate data inside the project folder. After manipulation the attacker needs to exchange the
original files by the manipulated ones on the application programming workstation.


CVE-2019-16675: 7.8

Beckhoff: TwinCAT Denial-of-Service in Profinet driver

In case TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending special packets to the device.


CVE-2019-5637: 7.5

WAGO: Series PFC100/PFC200 Information Disclosure

The reported vulnerability allows a remote attacker to check paths and file names that are used in filesystem operations.

Update, 18.9.2019, 18:30

  • fixed typo in modelname, replaced PCF with PFC


CVE-2019-18202: 5.3

PHOENIX CONTACT: Multiple Vulnerabilities in Automation Worx Software Suite

A manipulated PC Worx or Config+ project file could lead to a remote code execution.
The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation the attacker needs to exchange the original file by the manipulated one on the application programming workstation.


CVE-2019-12870: 8.8
CVE-2019-12871: 8.8
CVE-2019-12869: 6.8

WAGO: Multiple Vulnerabilities in industrial managed switches

Multiple vulnerabilities have been identified in WAGO 852-303, 852-1305 and 852-1505 industrial managed ethernet switches.


CVE-2015-0235: 10.0
CVE-2014-9761: 9.8
CVE-2019-12549: 9.8
CVE-2016-2148: 9.8
CVE-2019-12550: 9.8
CVE-2014-9984: 9.8
CVE-2017-16544: 8.8
CVE-2014-9402: 7.8
CVE-2015-1472: 7.5
CVE-2016-6301: 7.5
CVE-2011-5325: 7.5
CVE-2016-2147: 7.5
CVE-2014-4043: 7.5
CVE-2012-4412: 7.5
CVE-2010-0296: 7.2
CVE-2013-1813: 7.2
CVE-2010-3856: 7.2
CVE-2011-2716: 6.8
CVE-2015-9261: 5.5

TECSON/GOK: Improper Authentication and Access Control on multiple devices

A security researcher discovered that the affected application doesn't properly restrict access to an endpoint that is responsible for saving settings, to a user with limited access rights. Based on the lack of adequately implemented access-control rules, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to change the application settings without authenticating at all, which violates originally laid ACL rules.


CVE-2019-12254: 9.8

PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152 (Update A)

Multiple vulnerabilities have been identified in PHOENIX CONTACT AXC F 2152 with firmware versions 1.x


CVE-2017-8816: 9.8
CVE-2016-9953: 9.8
CVE-2017-8817: 9.8
CVE-2017-11541: 9.8
CVE-2017-11542: 9.8
CVE-2017-11543: 9.8
CVE-2017-5334: 9.8
CVE-2017-5336: 9.8
CVE-2016-9841: 9.8
CVE-2018-1000120: 9.8
CVE-2017-5337: 9.8
CVE-2016-9843: 9.8
CVE-2017-1000257: 9.1
CVE-2018-1000122: 9.1
CVE-2018-1000301: 9.1
CVE-2018-1000005: 9.1
CVE-2016-9842: 8.8
CVE-2016-9840: 8.8
CVE-2016-9952: 8.1
CVE-2016-1247: 7.8
CVE-2017-9023: 7.5
CVE-2016-6301: 7.5
CVE-2016-7141: 7.5
CVE-2016-7444: 7.5
CVE-2018-1000121: 7.5
CVE-2017-1000254: 7.5
CVE-2017-11108: 7.5
CVE-2017-11185: 7.5
CVE-2017-3731: 7.5
CVE-2017-9233: 7.5
CVE-2017-5335: 7.5
CVE-2017-9022: 7.5
CVE-2019-10998: 6.8
CVE-2018-1000117: 6.7
CVE-2018-5388: 6.5
CVE-2017-1000101: 6.5
CVE-2017-1000100: 6.5
CVE-2016-7103: 6.1
CVE-2015-9251: 6.1
CVE-2017-3738: 5.9
CVE-2019-10997: 5.9
CVE-2018-0737: 5.9
CVE-2017-3737: 5.9
CVE-2017-15906: 5.3
CVE-2018-7559: 5.3
CVE-2017-3735: 5.3

Feeds

Nach Hersteller

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Legende

(Scoring für CVSS 2.0,3.0+3.1)
keine
Kein CVE verfügbar
Niedrig
0.1 <= 3.9
Mittel
4.0 <= 6.9
Hoch
7.0 <= 8.9
Kritisch
9.0 <= 10.0