Summary
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of service on the PLC's network communication module (CWE-770).
Impact
A successful attack stops all network communication. To restore the network connectivity the device needs to be restarted. The automation task is not affected.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| Hardware ILC1x0 | Firmware vers:all/* | |
| Hardware ILC1x1 | Firmware vers:all/* |
Vulnerabilities
Expand / Collapse allPhoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants are affected by a Denial-of-Service vulnerability. The communication protocols and device access do not feature authentication measures. Remote attackers can use specially crafted IP packets to cause a denial of service on the PLC's network communication module. A successful attack stops all network communication. To restore the network connectivity the device needs to be restarted. The automation task is not affected.
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note:
Measures to protect network-capable devices with Ethernet connection
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 23.06.2021 14:16 | Initial revision. |
| 2 | 27.01.2025 13:50 | update: all versions was converted to a machine-readable format |
| 3 | 10.02.2025 10:00 | Update: Provider data has been corrected |
| 4 | 14.05.2025 15:00 | Fix: added distribution |