PT-2019-12128 · Phoenix Contact+1 · Pc Worx Engineer+3

Publicado

2019-06-17

Atualizado

2020-08-24

CVE-2019-10997

CVSS v2.0

7.1

Alta

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Phoenix Contact AXC F 2152 versions prior to 2019.0 LTS Phoenix Contact AXC F 2152 STARTERKIT versions prior to 2019.0 LTS

Description An issue was discovered where protocol fuzzing by a man-in-the-middle attacker on PC WORX Engineer can stop the PLC service, requiring a device reboot or manual restart of the PLC service via a Linux shell.

Recommendations For Phoenix Contact AXC F 2152 versions prior to 2019.0 LTS, update to version 2019.0 LTS or later. For Phoenix Contact AXC F 2152 STARTERKIT versions prior to 2019.0 LTS, update to version 2019.0 LTS or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2019-10997

Produtos afetados

Linux

Pc Worx Engineer

Phoenix Contact Axc F 2152

Phoenix Contact Axc F 2152 Starterkit

PT-2019-12128 · Phoenix Contact+1 · Pc Worx Engineer+3

CVE-2019-10997

Identificadores relacionados

Produtos afetados

Referências · 3