CVE-2017-16741

Name of the Vulnerable Software and Affected Versions PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products versions 1.0 through 1.32

Description An Information Exposure issue allows a remote unauthenticated attacker to use Monitor Mode on the device to read diagnostic information. The vulnerability is related to deficiencies in the authorization procedure, which can be exploited by a remote attacker to view diagnostic information using the device's Monitor Mode.

Recommendations For versions 1.0 through 1.32, as a temporary workaround, consider disabling the Monitor Mode on the device until a patch is available. Restrict access to the diagnostic information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.