Summary
A device on the same network as the controller sending a special crafted JSON request to the /auth/access-token endpoint may cause the controller to restart (CWE-20).
UPDATE A
The CVSS score has been raised from 7.7 (CVSS:3.0:AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) to 9.1 (CVSS:3.0:AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
Impact
An attacker could potentially script this request and create a denial of service attack condition.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| 1151412 | AXC F 1152 | Firmware <2021.0.5 LTS |
| 2404267 | AXC F 2152 | Firmware <2021.0.5 LTS |
| 1046568 | AXC F 2152 Starterkit | Firmware <2021.0.5 LTS |
| 1069208 | AXC F 3152 | Firmware <2021.0.5 LTS |
| 1188165 | PLCnext Technology Starterkit | Firmware <2021.0.5 LTS |
| 1051328 | RFC 4072S | Firmware <2021.0.5 LTS |
Vulnerabilities
Expand / Collapse allMitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Measures to protect network-capable devices with Ethernet connection
Remediation
Phoenix Contact recommends affected users to upgrade to the current Firmware 2021.0.5 LTS or higher which fixes this vulnerability.
| Article no | Article |
|---|---|
| 1151412 | AXC F 1152 |
| 2404267 | AXC F 2152 |
| 1069208 | AXC F 3152 |
| 1051328 | RFC 4072S |
| 1046568 | AXC F 2152 Starterkit |
| 1188165 | PLCnext Technology Starterkit |
Revision History
| Version | Date | Summary |
|---|---|---|
| 1 | 04.08.2021 09:58 | initial revision |
| 2 | 09.11.2021 13:49 | Update A |
| 3 | 10.02.2025 10:30 | Update: Provider data has been corrected |
| 4 | 14.05.2025 14:28 | Fix: version space |