Share: Email | Twitter
This advisory has no CVE assigned.

ID

VDE-2018-012

Published

2018-08-13 13:55 (CEST)

Last update

2018-08-13 13:55 (CEST)

Vendor(s)

PHOENIX CONTACT GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
ILC 131 all versions
ILC 151 all versions
ILC 171 all versions
ILC 191 ETH all versions

Severity

7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Weakness

Uncontrolled Resource Consumption (CWE-400)

Summary

The processing program of the IEC 61131 program can be slowed down or stopped completely by creating a large amount of network traffic that needs to be handled by the ILC.

Impact

The processing of the network load takes up so much CPU power that the operation of all functions of the device, including the 61131 program, will slow down. This may affect the automation task. Once the network load is removed the ILC will return to normal state.

Solution

Customers using Phoenix Contact ILC 1x1 are recommended to operate the devices in closed networks or protected with a suitable firewall.
For detailed information on our recommendations for measures to protect network-cabable devices, please refer to our application note:

https://www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info/ah_en_industrial_security_107913_en_01.pdf

Reported by

This vulnerability was reported by Matthias Niedermaier (Hochschule Augsburg), Jan-Ole Malchow (Freie Universität Berlin) and Florian Fischer (Hochschule Augsburg)

https://www.usenix.org/system/files/conference/woot18/woot18-paper-niedermaier.pdf