VDE-2019-001
Mai 14, 2025, 3:00 nachm.
Multiple vulnerabilities for FL SWITCH have been identified in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx version 1.0 to 1.34.
VDE-2018-015
Sept. 21, 2018, 9:03 vorm.
Incorrect handling request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.
VDE-2018-012
Aug. 13, 2018, 1:55 nachm.
The processing program of the IEC 61131 program can be slowed down or stopped completely by creating a large amount of network traffic that needs to be handled by the …
VDE-2018-006
Mai 14, 2025, 3:00 nachm.
An attacker may insert a carefully crafted cookie into a GET menu_pxc.cgi or GET index.cgi request to cause a buffer overflow that can initiate a Denial of Service attack and …
VDE-2018-007
Mai 22, 2025, 3:03 nachm.
Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series - Stack-based Buffer Overflow in shared object file
An attacker may exploit a 'long cookie' related vulnerability to cause a buffer overflow that allows unauthorized access to the switches operating system files. The attacker can then insert executable …
VDE-2018-005
Mai 16, 2018, 7:35 vorm.
Web interface CGI applications may copy the contents of the running configuration file to a commonly accessed file. Clever manipulation of a web login request can expose the contents of …
VDE-2018-004
Mai 14, 2025, 2:28 nachm.
An attacker with permission to transfer configuration files to/from the switch or permission to upgrade firmware, is able to execute arbitrary OS shell commands. CGI applications config_transfer.cgi and software_update.cgi are …
VDE-2018-003
Okt. 1, 2025, 10:00 vorm.
Several CPUs manufactured by Intel, AMD or based on ARM technology may leak information due to their internal operation if attacked by specifically written software executed on the affected systems. …