
Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware

VDE-2025-071
Last update: 12/09/2025 09:00
Published at: 12/09/2025 09:00
Vendor(s): Phoenix Contact GmbH & Co. KG
External ID: VDE-2025-071

Summary

Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. Two other vulnerabilities (CVE-2025-41693 and CVE-2025-41694) are related to Denial of Service (DoS) attacks, which partly limit the device's functionality. Another vulnerability (CVE-2025-41697) allows an unauthenticated physical attacker to access a login shell via an undocumented UART port. Furthermore, there are multiple vulnerabilities relating to reflected cross-site scripting in the web-based management of the device. All vulnerabilities have been resolved in firmware version 3.50.

Impact

Availability, integrity, or confidentiality of the FL SWITCH 2xxx can be compromised by attacks using these vulnerabilities.

Affected Product(s)

| Model no. | Product name | Affected versions |
|---|---|---|
| 2702881 | FL NAT 2008 | Firmware <3.50 |
| 2702882 | FL NAT 2208 | Firmware <3.50 |
| 2702981 | FL NAT 2304-2GC-2SFP | Firmware <3.50 |
| 2702323 | FL SWITCH 2005 | Firmware <3.50 |
| 2702324 | FL SWITCH 2008 | Firmware <3.50 |
| 1106707 | FL SWITCH 2008F | Firmware <3.50 |
| 2702903 | FL SWITCH 2016 | Firmware <3.50 |
| 2702665 | FL SWITCH 2105 | Firmware <3.50 |
| 2702666 | FL SWITCH 2108 | Firmware <3.50 |
| 2702908 | FL SWITCH 2116 | Firmware <3.50 |
| 2702334 | FL SWITCH 2204-2TC-2SFX | Firmware <3.50 |
| 2702326 | FL SWITCH 2205 | Firmware <3.50 |
| 2702330 | FL SWITCH 2206-2FX | Firmware <3.50 |
| 2702331 | FL SWITCH 2206-2FX SM | Firmware <3.50 |
| 2702333 | FL SWITCH 2206-2FX SM ST | Firmware <3.50 |
| 2702332 | FL SWITCH 2206-2FX ST | Firmware <3.50 |
| 2702969 | FL SWITCH 2206-2SFX | Firmware <3.50 |
| 1044028 | FL SWITCH 2206-2SFX PN | Firmware <3.50 |
| 1095628 | FL SWITCH 2206C-2FX | Firmware <3.50 |
| 2702328 | FL SWITCH 2207-FX | Firmware <3.50 |
| 2702329 | FL SWITCH 2207-FX SM | Firmware <3.50 |
| 2702327 | FL SWITCH 2208 | Firmware <3.50 |
| 1044024 | FL SWITCH 2208 PN | Firmware <3.50 |
| 1095627 | FL SWITCH 2208C | Firmware <3.50 |
| 2702907 | FL SWITCH 2212-2TC-2SFX | Firmware <3.50 |
| 2702905 | FL SWITCH 2214-2FX | Firmware <3.50 |
| 2702906 | FL SWITCH 2214-2FX SM | Firmware <3.50 |
| 1006188 | FL SWITCH 2214-2SFX | Firmware <3.50 |
| 1044030 | FL SWITCH 2214-2SFX PN | Firmware <3.50 |
| 2702904 | FL SWITCH 2216 | Firmware <3.50 |
| 1044029 | FL SWITCH 2216 PN | Firmware <3.50 |
| 1278397 | FL SWITCH 2303-8SP1 | Firmware <3.50 |
| 2702653 | FL SWITCH 2304-2GC-2SFP | Firmware <3.50 |
| 2702970 | FL SWITCH 2306-2SFP | Firmware <3.50 |
| 1009222 | FL SWITCH 2306-2SFP PN | Firmware <3.50 |
| 2702652 | FL SWITCH 2308 | Firmware <3.50 |
| 1009220 | FL SWITCH 2308 PN | Firmware <3.50 |
| 2702910 | FL SWITCH 2312-2GC-2SFP | Firmware <3.50 |
| 1006191 | FL SWITCH 2314-2SFP | Firmware <3.50 |
| 1031683 | FL SWITCH 2314-2SFP PN | Firmware <3.50 |
| 2702909 | FL SWITCH 2316 | Firmware <3.50 |
| 1031673 | FL SWITCH 2316 PN | Firmware <3.50 |
| 1184084 | FL SWITCH 2316/K1 | Firmware <3.50 |
| 1088853 | FL SWITCH 2404-2TC-2SFX | Firmware <3.50 |
| 1043414 | FL SWITCH 2406-2SFX | Firmware <3.50 |
| 1089126 | FL SWITCH 2406-2SFX PN | Firmware <3.50 |
| 1043412 | FL SWITCH 2408 | Firmware <3.50 |
| 1089133 | FL SWITCH 2408 PN | Firmware <3.50 |
| 1088875 | FL SWITCH 2412-2TC-2SFX | Firmware <3.50 |
| 1043423 | FL SWITCH 2414-2SFX | Firmware <3.50 |
| 1089139 | FL SWITCH 2414-2SFX PN | Firmware <3.50 |
| 1043416 | FL SWITCH 2416 | Firmware <3.50 |
| 1089150 | FL SWITCH 2416 PN | Firmware <3.50 |
| 1088872 | FL SWITCH 2504-2GC-2SFP | Firmware <3.50 |
| 1043491 | FL SWITCH 2506-2SFP | Firmware <3.50 |
| 1089135 | FL SWITCH 2506-2SFP PN | Firmware <3.50 |
| 1215329 | FL SWITCH 2506-2SFP/K1 | Firmware <3.50 |
| 1043484 | FL SWITCH 2508 | Firmware <3.50 |
| 1089134 | FL SWITCH 2508 PN | Firmware <3.50 |
| 1215350 | FL SWITCH 2508/K1 | Firmware <3.50 |
| 1088856 | FL SWITCH 2512-2GC-2SFP | Firmware <3.50 |
| 1043499 | FL SWITCH 2514-2SFP | Firmware <3.50 |
| 1089154 | FL SWITCH 2514-2SFP PN | Firmware <3.50 |
| 1043496 | FL SWITCH 2516 | Firmware <3.50 |
| 1089205 | FL SWITCH 2516 PN | Firmware <3.50 |
| 1106500 | FL SWITCH 2608 | Firmware <3.50 |
| 1106616 | FL SWITCH 2608 PN | Firmware <3.50 |
| 1106615 | FL SWITCH 2708 | Firmware <3.50 |
| 1106610 | FL SWITCH 2708 PN | Firmware <3.50 |

Vulnerabilities


Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)

Published: 12/09/2025 08:57
Weakness: Missing Protection Mechanism for Alternate Hardware Interface (CWE-1299)

Published: 12/09/2025 08:57
Weakness: Use of Password Hash With Insufficient Computational Effort (CWE-916)

Published: 12/09/2025 08:57
Weakness: Allocation of Resources Without Limits or Throttling (CWE-770)

Published: 12/09/2025 08:57
Weakness: Use of Hard-coded Credentials (CWE-798)

Published: 12/09/2025 08:57
Weakness: Allocation of Resources Without Limits or Throttling (CWE-770)

Remediation

Phoenix Contact recommends updating to the latest firmware release 3.50, which fixes these vulnerabilities.

Acknowledgments

Phoenix Contact GmbH & Co. KG thanks the following parties for their efforts:

  • CERT@VDE for coordination (see https://certvde.com)
  • D. Blagojevic, S. Dietz, F. Koroknai, T. Weber from CyberDanube for reporting

Revision History

| Version | Date | Summary |
|---|---|---|
| 1.0.0 | 12/09/2025 09:00 | Initial release. |