Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for ILC 171 by PHOENIX CONTACT

    CVE-2018-25112 (GCVE-0-2018-25112)

    Vulnerability from nvd – Published: 2025-06-04 09:37 – Updated: 2025-06-04 13:16
    VLAI
    Title
    PHOENIX CONTACT: ILC 1x1 ETH Denial of Service
    Summary
    An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Credits
    Matthias Niedermaier (Hochschule Augsburg) Jan-Ole Malchow (Freie Universität Berlin) Florian Fischer (Hochschule Augsburg)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25112",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-04T13:15:35.632513Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-04T13:16:07.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ILC 131",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 151",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 171",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 191 ETH",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Matthias Niedermaier (Hochschule Augsburg)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jan-Ole Malchow (Freie Universita\u0308t Berlin)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Florian Fischer (Hochschule Augsburg)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
                }
              ],
              "value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-04T09:37:34.736Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://certvde.com/en/advisories/VDE-2018-012/"
            }
          ],
          "source": {
            "advisory": "VDE-2018-012",
            "discovery": "EXTERNAL"
          },
          "title": "PHOENIX CONTACT: ILC 1x1 ETH Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2018-25112",
        "datePublished": "2025-06-04T09:37:34.736Z",
        "dateReserved": "2025-06-04T08:00:35.844Z",
        "dateUpdated": "2025-06-04T13:16:07.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-25112 (GCVE-0-2018-25112)

    Vulnerability from cvelistv5 – Published: 2025-06-04 09:37 – Updated: 2025-06-04 13:16
    VLAI
    Title
    PHOENIX CONTACT: ILC 1x1 ETH Denial of Service
    Summary
    An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Credits
    Matthias Niedermaier (Hochschule Augsburg) Jan-Ole Malchow (Freie Universität Berlin) Florian Fischer (Hochschule Augsburg)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25112",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-04T13:15:35.632513Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-04T13:16:07.981Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ILC 131",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 151",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 171",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ILC 191 ETH",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "status": "affected",
                  "version": "vers:all/*"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Matthias Niedermaier (Hochschule Augsburg)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Jan-Ole Malchow (Freie Universita\u0308t Berlin)"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Florian Fischer (Hochschule Augsburg)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
                }
              ],
              "value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-04T09:37:34.736Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://certvde.com/en/advisories/VDE-2018-012/"
            }
          ],
          "source": {
            "advisory": "VDE-2018-012",
            "discovery": "EXTERNAL"
          },
          "title": "PHOENIX CONTACT: ILC 1x1 ETH Denial of Service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2018-25112",
        "datePublished": "2025-06-04T09:37:34.736Z",
        "dateReserved": "2025-06-04T08:00:35.844Z",
        "dateUpdated": "2025-06-04T13:16:07.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }