PT-2019-12129 · Phoenix Contact · Axc F 2152 Starterkit+1

Publicado

2019-06-18

Atualizado

2019-06-20

CVE-2019-10998

CVSS v3.1

6.8

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Phoenix Contact AXC F 2152 versions prior to 2019.0 LTS Phoenix Contact AXC F 2152 STARTERKIT versions prior to 2019.0 LTS

Description An issue allows unlimited physical access to the Programmable Logic Controller (PLC), which may lead to manipulation of SD card data. This SD card manipulation can result in an authentication bypass opportunity.

Recommendations For Phoenix Contact AXC F 2152 versions prior to 2019.0 LTS, update to version 2019.0 LTS or later to resolve the issue. For Phoenix Contact AXC F 2152 STARTERKIT versions prior to 2019.0 LTS, update to version 2019.0 LTS or later to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2019-10998

Produtos afetados

Axc F 2152

Axc F 2152 Starterkit

PT-2019-12129 · Phoenix Contact · Axc F 2152 Starterkit+1

CVE-2019-10998

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3