Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-9201 (GCVE-0-2019-9201)
Vulnerability from cvelistv5 – Published: 2019-02-26 23:00 – Updated: 2024-09-16 18:39
VLAI
EPSS
Summary
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
Severity
9.8 (Critical)
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://medium.com/%40SergiuSechel/misconfigurati… | x_refsource_MISC |
| https://cert.vde.com/en/advisories/VDE-2019-015/ | x_refsource_CONFIRM |
Date Public
2022-06-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:38:46.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-06-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-21T08:05:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2022-06-21T07:00:00.000Z",
"ID": "CVE-2019-9201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561",
"refsource": "MISC",
"url": "https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"name": "https://cert.vde.com/en/advisories/VDE-2019-015/",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9201",
"datePublished": "2019-02-26T23:00:00.000Z",
"dateReserved": "2019-02-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:39:47.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-9201",
"date": "2026-05-26",
"epss": "0.01545",
"percentile": "0.81617"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-9201\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-02-26T23:29:00.357\",\"lastModified\":\"2024-11-21T04:51:11.683\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples dispositivos Phoenix Contact permiten a los atacantes remotos establecer sesiones TCP al puerto 1962 y obtener informaci\u00f3n sensible o realizar cambios, como se ha demostrado al utilizar la funci\u00f3n Crear copia de seguridad para recorrer todos los directorios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":8.5,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_131_eth_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"176DF3A4-F017-49AF-B91E-7E1935C5DE56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_131_eth:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D2A4938-D680-4AA2-82B0-7FE793AE9318\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_131_eth\\\\/xc_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD92DFF-FED1-474D-A2E7-E9CEA11468AC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_131_eth\\\\/xc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"676A4E47-B36A-4C88-AD15-835843B92B97\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_151_eth_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB358CEE-2B29-4DAB-A100-36C841718D56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_151_eth:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"301BA6C4-3E50-46CC-A6C9-E61948994F20\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_151_eth\\\\/xc_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE1801C5-62D8-4F06-ADBA-E4D8476DB07E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_151_eth\\\\/xc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35E34FD1-9A9A-426C-9788-FD75EAD712B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_171_eth_2tx_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF4B7D19-2237-4BF3-A3DF-21780618E4EE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_171_eth_2tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7457430D-A906-440F-8641-F7F412605A92\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_191_eth_2tx_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0DC047-2D73-42EC-B15B-FF8969F2B470\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_191_eth_2tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA647DB2-0612-4088-BCBC-E14F726FFD8D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:ilc_191_me\\\\/an_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83317305-2342-4B3A-A806-E2853C54DCAD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:ilc_191_me\\\\/an:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86A2D18D-61B4-4F51-8891-8FCD3E06A8B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:axc_1050_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D0FC9C3-FA7C-4114-894D-3E04A8D05716\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F55C821-DAA6-4098-BB54-80F6D9ED0CD6\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2019-015/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2019-015/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
}
}
FKIE_CVE-2019-9201
Vulnerability from fkie_nvd - Published: 2019-02-26 23:29 - Updated: 2024-11-21 04:51
Severity
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_131_eth_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "176DF3A4-F017-49AF-B91E-7E1935C5DE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_131_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A4938-D680-4AA2-82B0-7FE793AE9318",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_131_eth\\/xc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD92DFF-FED1-474D-A2E7-E9CEA11468AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_131_eth\\/xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676A4E47-B36A-4C88-AD15-835843B92B97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_151_eth_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB358CEE-2B29-4DAB-A100-36C841718D56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_151_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "301BA6C4-3E50-46CC-A6C9-E61948994F20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_151_eth\\/xc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1801C5-62D8-4F06-ADBA-E4D8476DB07E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_151_eth\\/xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35E34FD1-9A9A-426C-9788-FD75EAD712B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_171_eth_2tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4B7D19-2237-4BF3-A3DF-21780618E4EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_171_eth_2tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7457430D-A906-440F-8641-F7F412605A92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_191_eth_2tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0DC047-2D73-42EC-B15B-FF8969F2B470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_191_eth_2tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA647DB2-0612-4088-BCBC-E14F726FFD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_191_me\\/an_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83317305-2342-4B3A-A806-E2853C54DCAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_191_me\\/an:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86A2D18D-61B4-4F51-8891-8FCD3E06A8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0FC9C3-FA7C-4114-894D-3E04A8D05716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories."
},
{
"lang": "es",
"value": "M\u00faltiples dispositivos Phoenix Contact permiten a los atacantes remotos establecer sesiones TCP al puerto 1962 y obtener informaci\u00f3n sensible o realizar cambios, como se ha demostrado al utilizar la funci\u00f3n Crear copia de seguridad para recorrer todos los directorios"
}
],
"id": "CVE-2019-9201",
"lastModified": "2024-11-21T04:51:11.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-26T23:29:00.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-WW84-8V4X-PVHP
Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2024-02-14 18:30
VLAI
Details
Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
Severity
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2019-9201"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-02-26T23:29:00Z",
"severity": "CRITICAL"
},
"details": "Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.",
"id": "GHSA-ww84-8v4x-pvhp",
"modified": "2024-02-14T18:30:24Z",
"published": "2022-05-13T01:23:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9201"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2019-015"
},
{
"type": "WEB",
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"type": "WEB",
"url": "https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2019-9201
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-9201",
"description": "Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC 191 ETH 2TX, ILC 191 ME/AN, and AXC 1050 devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.",
"id": "GSD-2019-9201"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-9201"
],
"details": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.",
"id": "GSD-2019-9201",
"modified": "2023-12-13T01:23:47.332195Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2022-06-21T07:00:00.000Z",
"ID": "CVE-2019-9201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561",
"refsource": "MISC",
"url": "https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
},
{
"name": "https://cert.vde.com/en/advisories/VDE-2019-015/",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_131_eth_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "176DF3A4-F017-49AF-B91E-7E1935C5DE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_131_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A4938-D680-4AA2-82B0-7FE793AE9318",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_131_eth\\/xc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD92DFF-FED1-474D-A2E7-E9CEA11468AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_131_eth\\/xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676A4E47-B36A-4C88-AD15-835843B92B97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_151_eth_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB358CEE-2B29-4DAB-A100-36C841718D56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_151_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "301BA6C4-3E50-46CC-A6C9-E61948994F20",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_151_eth\\/xc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1801C5-62D8-4F06-ADBA-E4D8476DB07E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_151_eth\\/xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35E34FD1-9A9A-426C-9788-FD75EAD712B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_171_eth_2tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4B7D19-2237-4BF3-A3DF-21780618E4EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_171_eth_2tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7457430D-A906-440F-8641-F7F412605A92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_191_eth_2tx_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0DC047-2D73-42EC-B15B-FF8969F2B470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_191_eth_2tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA647DB2-0612-4088-BCBC-E14F726FFD8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:ilc_191_me\\/an_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83317305-2342-4B3A-A806-E2853C54DCAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:ilc_191_me\\/an:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86A2D18D-61B4-4F51-8891-8FCD3E06A8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0FC9C3-FA7C-4114-894D-3E04A8D05716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories."
},
{
"lang": "es",
"value": "M\u00faltiples dispositivos Phoenix Contact permiten a los atacantes remotos establecer sesiones TCP al puerto 1962 y obtener informaci\u00f3n sensible o realizar cambios, como se ha demostrado al utilizar la funci\u00f3n Crear copia de seguridad para recorrer todos los directorios"
}
],
"id": "CVE-2019-9201",
"lastModified": "2024-02-14T16:59:56.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
]
},
"published": "2019-02-26T23:29:00.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en/advisories/VDE-2019-015/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://medium.com/%40SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
ICSA-22-172-05
Vulnerability from csaf_cisa - Published: 2022-06-21 00:00 - Updated: 2022-06-21 00:00Summary
Phoenix Contact Classic Line Industrial Controllers
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of this vulnerability could allow an unauthorized attacker to change configurations, manipulate services, or cause a denial-of-service condition.
Critical infrastructure sectors: Multiple Sectors
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/icsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/icsin the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability: No known public exploits specifically target this vulnerability.
9.8 (Critical)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
AXC 1050: Article number 2700988
Phoenix Contact / AXC 1050
|
2700988 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
AXC 1050XC: Article number 2701295
Phoenix Contact / AXC 1050XC
|
2701295 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
AXC 3050: Article number 2700989
Phoenix Contact / AXC 3050
|
2700989 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
FC 350 PCI ETH: Article number 2730844
Phoenix Contact / FC 350 PCI ETH
|
2730844 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
ILC 1x0: All variants
Phoenix Contact / ILC 1x0
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
ILC 1x1: All variants
Phoenix Contact / ILC 1x1
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
ILC 3xx: All variants
Phoenix Contact / ILC 3xx
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
PC WORX RT BASIC: Article number 2700291
Phoenix Contact / PC WORX RT BASIC
|
2700291 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
PC WORX SRT: Article number 2701680
Phoenix Contact / PC WORX SRT
|
2701680 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
RFC 430 ETH: Article number 2730190
Phoenix Contact / RFC 430 ETH
|
2730190 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
RFC 450 ETH: Article number 2730200
Phoenix Contact / RFC 450 ETH
|
2730200 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
RFC 460R: Article number 2700784
Phoenix Contact / RFC 460R
|
2700784 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
RFC 470S: Article number 2916794
Phoenix Contact / RFC 470S
|
2916794 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
|
|
RFC 480S: Article number 2404577
Phoenix Contact / RFC 480S
|
2404577 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
Mitigation
fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
Mitigation
|
References
6 references
Acknowledgments
Sergiu Sechel
{
"document": {
"acknowledgments": [
{
"names": [
"Sergiu Sechel"
],
"summary": "reporting this vulnerability to Phoenix Contact"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow an unauthorized attacker to change configurations, manipulate services, or cause a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple Sectors",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/icsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/icsin the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-172-05 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-172-05.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-172-05 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-172-05"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Phoenix Contact Classic Line Industrial Controllers",
"tracking": {
"current_release_date": "2022-06-21T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-172-05",
"initial_release_date": "2022-06-21T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-06-21T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2700988",
"product": {
"name": "AXC 1050: Article number 2700988",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "AXC 1050"
},
{
"branches": [
{
"category": "product_version",
"name": "2701295",
"product": {
"name": "AXC 1050XC: Article number 2701295",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "AXC 1050XC"
},
{
"branches": [
{
"category": "product_version",
"name": "2700989",
"product": {
"name": "AXC 3050: Article number 2700989",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "AXC 3050"
},
{
"branches": [
{
"category": "product_version",
"name": "2730844",
"product": {
"name": "FC 350 PCI ETH: Article number 2730844",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "FC 350 PCI ETH"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "ILC 1x0: All variants",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "ILC 1x0"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "ILC 1x1: All variants",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "ILC 1x1"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "ILC 3xx: All variants",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "ILC 3xx"
},
{
"branches": [
{
"category": "product_version",
"name": "2700291",
"product": {
"name": "PC WORX RT BASIC: Article number 2700291",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "PC WORX RT BASIC"
},
{
"branches": [
{
"category": "product_version",
"name": "2701680",
"product": {
"name": "PC WORX SRT: Article number 2701680",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "PC WORX SRT"
},
{
"branches": [
{
"category": "product_version",
"name": "2730190",
"product": {
"name": "RFC 430 ETH: Article number 2730190",
"product_id": "CSAFPID-00010"
}
}
],
"category": "product_name",
"name": "RFC 430 ETH"
},
{
"branches": [
{
"category": "product_version",
"name": "2730200",
"product": {
"name": "RFC 450 ETH: Article number 2730200",
"product_id": "CSAFPID-00011"
}
}
],
"category": "product_name",
"name": "RFC 450 ETH"
},
{
"branches": [
{
"category": "product_version",
"name": "2700784",
"product": {
"name": "RFC 460R: Article number 2700784",
"product_id": "CSAFPID-00012"
}
}
],
"category": "product_name",
"name": "RFC 460R"
},
{
"branches": [
{
"category": "product_version",
"name": "2916794",
"product": {
"name": "RFC 470S: Article number 2916794",
"product_id": "CSAFPID-00013"
}
}
],
"category": "product_name",
"name": "RFC 470S"
},
{
"branches": [
{
"category": "product_version",
"name": "2404577",
"product": {
"name": "RFC 480S: Article number 2404577",
"product_id": "CSAFPID-00014"
}
}
],
"category": "product_name",
"name": "RFC 480S"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-9201",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "summary",
"text": "The affected product does not feature a function to authenticate communication protocols, which could allow an unauthorized attacker to change or download the configuration, start or stop services, update or modify the firmware, or shut down the device.CVE-2019-9201 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9201"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact classic line controllers are designed and developed for use in closed industrial networks. The control and configuration protocols do not feature authentication mechanisms by design. Phoenix Contact recommends using the devices exclusively in closed networks, protected by a suitable firewall.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "If the use of an affected controller in protected zones is not suitable, OT communication protocols should be disabled either by using the CPU services via console or web-based management according to the controller type.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "Information for which controllers and from which firmware version communication protocols can be disabled are described in Phoenix Contact\u0027s application note for classic line controllers, or the manual to the respective controller, which is available for download at the Phoenix Contact website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
],
"url": "https://www.phoenixcontact.com/en-us/service-and-support"
},
{
"category": "mitigation",
"details": "For detailed information on Phoenix Contact\u0027s recommendations for measures to protect network-capable devices, please refer to their application note for classic line controllers",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "Measures to protect devices based on classic control technology",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
],
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/74777de2d270be4cb4828ee57173dbd0/Application-note_110637_en_00.pdf"
},
{
"category": "mitigation",
"details": "ILC 1x0: All variants, firmware: no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "ILC 1x1: All variants, firmware: 4.42",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "ILC 1x1 GMS/GPRS: Article number2700977, firmware: 4.42",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "ILC 3xx: All variants, firmware 3.98",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "AXC 1050: Article number 2700988, firmware 3.01, 5.00 (WBM)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "AXC 1050XC: Article number 2701295, firmware 3.01, 5.00 (WBM)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "AXC 3050: Article number 2700989, firmware 5.60, 6.30 (WBM)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "vendor_fix",
"details": "RFC 480S PN 4TX: Article number 2404577, firmware 6.10",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 470 PN 3TX: Article number 291660, firmware 4.20",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 470S PN 3TX: Article number 2916794, firmware 4.20",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 460R PN 3TX: Article number 2700784, firmware 5.00",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 460R PN 3TX-S: Article number 1096407, firmware 5.30",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 430 ETH-IB: Article number 2730190, no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "RFC 450 ETH-IB: Article number 2730200, no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "PC WORX SRT: Article number 2701680, no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "PC WORX RT BASIC: Article number 2700291, no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
},
{
"category": "mitigation",
"details": "FC 350 PCI ETH: Article number 2730844, no fix",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014"
]
}
]
}
]
}
VDE-2019-015
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2019-08-07 00:00 - Updated: 2025-07-11 07:00Summary
PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers
Notes
Summary: Phoenix Contact Classic Line industrial controllers (ILC1x0 and ILC1x1 product families as well as the AXIOLINE controllers AXC1050 and AXC3050) are developed and designed for the use in closed industrial networks. The communication protocols used for device management and configuration do not feature authentication measures.
Update A, 2022-06-21
This updated version contains additional affected products.In addition, a new application note for classic line controllers had been published to make it easier for our customers to find out the actions how to disable the unauthorized communication ports instead of checking out each controller's manual.
Impact: If the above-mentioned controllers are used in an unprotected open network, an unauthorized attacker can change or download the device code/configuration, start or stop services, update or modify the firmware or shutdown the device.
Mitigation: Customers using Phoenix Contact classic line controllers are recommended to operate the devices in closed networks or protected with a suitable firewall as intended.
For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note external link for classic line controllers.
If the use of an affected controller in protected zones is not suitable OT communication protocols should be disabled. Either by using the CPU services via console or Web-based Management according to the controller type.
Information's for which controllers and from which firmware version communication protocols can be disabled are described in our application note for classic line controllers or the manual to the respective controller which is available for download at the Phoenix Contact website.
Controller supporting CPU services or WBM for disabling communication protocols:
| Article | Article Number | Minimum firmware version |
|----------------------|----------------|----------------------------------|
| ILC 1x0 | All variants | not possible |
| ILC 1x1 | All variants | >= FW 4.42 |
| ILC 1x1 GSM/GPRS | 2700977 | >= FW 4.42 |
| ILC 3xx | All variants | FW 3.98 |
| AXC 1050 | 2700988 | >= FW 3.01, FW 5.00 (WBM) |
| AXC 1050 XC | 2701295 | >= FW 3.01, FW 5.00 (WBM) |
| AXC 3050 | 2700989 | >= FW 5.60, FW 6.30 (WBM) |
| RFC 480S PN 4TX | 2404577 | FW 6.10 |
| RFC 470 PN 3TX | 2916600 | >= FW 4.20 |
| RFC 470S PN 3TX | 2916794 | >= FW 4.20 |
| RFC 460R PN 3TX | 2700784 | >= FW 5.00 |
| RFC 460R PN 3TX-S | 1096407 | FW 5.30 |
| RFC 430 ETH-IB | 2730190 | not possible |
| RFC 450 ETH-IB | 2730200 | not possible |
| PC WORX SRT | 2701680 | not possible |
| PC WORX RT BASIC | 2700291 | not possible |
| FC 350 PCI ETH | 2730844 | not possible |
Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.
9.8 (Critical)
Mitigation
Customers using Phoenix Contact classic line controllers are recommended to operate the devices in closed networks or protected with a suitable firewall as intended.
For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note external link for classic line controllers.
If the use of an affected controller in protected zones is not suitable OT communication protocols should be disabled. Either by using the CPU services via console or Web-based Management according to the controller type.
Information's for which controllers and from which firmware version communication protocols can be disabled are described in our application note for classic line controllers or the manual to the respective controller which is available for download at the Phoenix Contact website.
Controller supporting CPU services or WBM for disabling communication protocols:
| Article | Article Number | Minimum firmware version |
|----------------------|----------------|----------------------------------|
| ILC 1x0 | All variants | not possible |
| ILC 1x1 | All variants | >= FW 4.42 |
| ILC 1x1 GSM/GPRS | 2700977 | >= FW 4.42 |
| ILC 3xx | All variants | FW 3.98 |
| AXC 1050 | 2700988 | >= FW 3.01, FW 5.00 (WBM) |
| AXC 1050 XC | 2701295 | >= FW 3.01, FW 5.00 (WBM) |
| AXC 3050 | 2700989 | >= FW 5.60, FW 6.30 (WBM) |
| RFC 480S PN 4TX | 2404577 | FW 6.10 |
| RFC 470 PN 3TX | 2916600 | >= FW 4.20 |
| RFC 470S PN 3TX | 2916794 | >= FW 4.20 |
| RFC 460R PN 3TX | 2700784 | >= FW 5.00 |
| RFC 460R PN 3TX-S | 1096407 | FW 5.30 |
| RFC 430 ETH-IB | 2730190 | not possible |
| RFC 450 ETH-IB | 2730200 | not possible |
| PC WORX SRT | 2701680 | not possible |
| PC WORX RT BASIC | 2700291 | not possible |
| FC 350 PCI ETH | 2730844 | not possible |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — | ||
| Unresolved product id: CSAFPID-31010 | — | ||
| Unresolved product id: CSAFPID-31011 | — | ||
| Unresolved product id: CSAFPID-31012 | — | ||
| Unresolved product id: CSAFPID-31013 | — | ||
| Unresolved product id: CSAFPID-31014 | — | ||
| Unresolved product id: CSAFPID-31015 | — | ||
| Unresolved product id: CSAFPID-31016 | — |
References
3 references
Acknowledgments
CERT@VDE
Forescout
Sergiu Sechel
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination"
},
{
"organization": "Forescout",
"summary": "re-discovered"
},
{
"organization": "Sergiu Sechel",
"summary": "reported"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Phoenix Contact Classic Line industrial controllers (ILC1x0 and ILC1x1 product families as well as the AXIOLINE controllers AXC1050 and AXC3050) are developed and designed for the use in closed industrial networks. The communication protocols used for device management and configuration do not feature authentication measures.\nUpdate A, 2022-06-21\nThis updated version contains additional affected products.In addition, a new application note for classic line controllers had been published to make it easier for our customers to find out the actions how to disable the unauthorized communication ports instead of checking out each controller\u0027s manual.",
"title": "Summary"
},
{
"category": "description",
"text": "If the above-mentioned controllers are used in an unprotected open network, an unauthorized attacker can change or download the device code/configuration, start or stop services, update or modify the firmware or shutdown the device.",
"title": "Impact"
},
{
"category": "description",
"text": "Customers using Phoenix Contact classic line controllers are recommended to operate the devices in closed networks or protected with a suitable firewall as intended.\n\nFor detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note external link for classic line controllers.\n\nIf the use of an affected controller in protected zones is not suitable OT communication protocols should be disabled. Either by using the CPU services via console or Web-based Management according to the controller type.\nInformation\u0027s for which controllers and from which firmware version communication protocols can be disabled are described in our application note for classic line controllers or the manual to the respective controller which is available for download at the Phoenix Contact website.\n\nController supporting CPU services or WBM for disabling communication protocols:\n\n| Article | Article Number | Minimum firmware version |\n|----------------------|----------------|----------------------------------|\n| ILC 1x0 | All variants | not possible |\n| ILC 1x1 | All variants | \u003e= FW 4.42 |\n| ILC 1x1 GSM/GPRS | 2700977 | \u003e= FW 4.42 |\n| ILC 3xx | All variants | FW 3.98 |\n| AXC 1050 | 2700988 | \u003e= FW 3.01, FW 5.00 (WBM) |\n| AXC 1050 XC | 2701295 | \u003e= FW 3.01, FW 5.00 (WBM) |\n| AXC 3050 | 2700989 | \u003e= FW 5.60, FW 6.30 (WBM) |\n| RFC 480S PN 4TX | 2404577 | FW 6.10 |\n| RFC 470 PN 3TX | 2916600 | \u003e= FW 4.20 |\n| RFC 470S PN 3TX | 2916794 | \u003e= FW 4.20 |\n| RFC 460R PN 3TX | 2700784 | \u003e= FW 5.00 |\n| RFC 460R PN 3TX-S | 1096407 | FW 5.30 |\n| RFC 430 ETH-IB | 2730190 | not possible |\n| RFC 450 ETH-IB | 2730200 | not possible |\n| PC WORX SRT | 2701680 | not possible |\n| PC WORX RT BASIC | 2700291 | not possible |\n| FC 350 PCI ETH | 2730844 | not possible |",
"title": "Mitigation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for \tPHOENIX CONTACT",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2019-015: PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers - HTML",
"url": "https://certvde.com/de/advisories/VDE-2019-015/"
},
{
"category": "self",
"summary": "VDE-2019-015: PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2019/vde-2019-015.json"
}
],
"title": "PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers",
"tracking": {
"aliases": [
"VDE-2019-015"
],
"current_release_date": "2025-07-11T07:00:00.000Z",
"generator": {
"date": "2025-07-11T06:53:15.755Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.29"
}
},
"id": "VDE-2019-015",
"initial_release_date": "2019-08-07T00:00:00.000Z",
"revision_history": [
{
"date": "2019-08-07T00:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2022-06-21T05:14:00.000Z",
"number": "2.0.0",
"summary": "final version."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "3.0.0",
"summary": "Fix: correct certvde domain, added alias, added self-reference"
},
{
"date": "2025-02-12T16:48:47.000Z",
"number": "4.0.0",
"summary": "Fix: corrected self-reference, fixed version"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "5.0.0",
"summary": "Fix: version term, quotation mark"
},
{
"date": "2025-06-04T08:00:00.000Z",
"number": "6.0.0",
"summary": "Fix: Version Range"
},
{
"date": "2025-07-11T06:30:00.000Z",
"number": "6.0.1",
"summary": "Fixed vendor name in product tree.\nSwitched to Semver versioning in document revisions."
},
{
"date": "2025-07-11T07:00:00.000Z",
"number": "7.0.0",
"summary": "Increased major version due to changes to the product tree in the previous version."
}
],
"status": "final",
"version": "7.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC 1050",
"product": {
"name": "AXC 1050",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"2700988"
]
}
}
},
{
"category": "product_name",
"name": "AXC 1050 XC",
"product": {
"name": "AXC 1050 XC",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2701295"
]
}
}
},
{
"category": "product_name",
"name": "AXC 3050",
"product": {
"name": "AXC 3050",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"2700989"
]
}
}
},
{
"category": "product_name",
"name": "FC 350 PCI ETH",
"product": {
"name": "FC 350 PCI ETH",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"2730844"
]
}
}
},
{
"category": "product_name",
"name": "ILC1x0",
"product": {
"name": "ILC1x0",
"product_id": "CSAFPID-11005"
}
},
{
"category": "product_name",
"name": "ILC1x1",
"product": {
"name": "ILC1x1",
"product_id": "CSAFPID-11006"
}
},
{
"category": "product_name",
"name": "ILC 1x1 GSM/GPRS",
"product": {
"name": "ILC 1x1 GSM/GPRS",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"2700977"
]
}
}
},
{
"category": "product_name",
"name": "PC WORX RT BASIC",
"product": {
"name": "PC WORX RT BASIC",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"2700291"
]
}
}
},
{
"category": "product_name",
"name": "PC WORX SRT",
"product": {
"name": "PC WORX SRT",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"2701680"
]
}
}
},
{
"category": "product_name",
"name": "RFC 430 ETH-IB",
"product": {
"name": "RFC 430 ETH-IB",
"product_id": "CSAFPID-11010",
"product_identification_helper": {
"model_numbers": [
"2730190"
]
}
}
},
{
"category": "product_name",
"name": "RFC 450 ETH-IB",
"product": {
"name": "RFC 450 ETH-IB",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"2730200"
]
}
}
},
{
"category": "product_name",
"name": "RFC 460R PN 3TX",
"product": {
"name": "RFC 460R PN 3TX",
"product_id": "CSAFPID-11012",
"product_identification_helper": {
"model_numbers": [
"2700784"
]
}
}
},
{
"category": "product_name",
"name": "RFC 460R PN 3TX-S",
"product": {
"name": "RFC 460R PN 3TX-S",
"product_id": "CSAFPID-11013",
"product_identification_helper": {
"model_numbers": [
"1096407"
]
}
}
},
{
"category": "product_name",
"name": "RFC 470 PN 3TX",
"product": {
"name": "RFC 470 PN 3TX",
"product_id": "CSAFPID-11014",
"product_identification_helper": {
"model_numbers": [
"2916600"
]
}
}
},
{
"category": "product_name",
"name": "RFC 470S PN 3TX",
"product": {
"name": "RFC 470S PN 3TX",
"product_id": "CSAFPID-11015",
"product_identification_helper": {
"model_numbers": [
"2916794"
]
}
}
},
{
"category": "product_name",
"name": "RFC 480S PN 4TX",
"product": {
"name": "RFC 480S PN 4TX",
"product_id": "CSAFPID-11016",
"product_identification_helper": {
"model_numbers": [
"2404577"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on AXC 1050",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on AXC 1050 XC",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on AXC 3050",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on FC 350 PCI ETH",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ILC1x0",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ILC1x1",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on ILC 1x1 GSM/GPRS",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on PC WORX RT BASIC",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on PC WORX SRT",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 430 ETH-IB",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 450 ETH-IB",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 460R PN 3TX",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 460R PN 3TX-S",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 470 PN 3TX",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 470S PN 3TX",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on RFC 480S PN 4TX",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11016"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-9201",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "description",
"text": "Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Customers using Phoenix Contact classic line controllers are recommended to operate the devices in closed networks or protected with a suitable firewall as intended.\n\nFor detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note external link for classic line controllers.\n\nIf the use of an affected controller in protected zones is not suitable OT communication protocols should be disabled. Either by using the CPU services via console or Web-based Management according to the controller type.\nInformation\u0027s for which controllers and from which firmware version communication protocols can be disabled are described in our application note for classic line controllers or the manual to the respective controller which is available for download at the Phoenix Contact website.\n\nController supporting CPU services or WBM for disabling communication protocols:\n\n| Article | Article Number | Minimum firmware version |\n|----------------------|----------------|----------------------------------|\n| ILC 1x0 | All variants | not possible |\n| ILC 1x1 | All variants | \u003e= FW 4.42 |\n| ILC 1x1 GSM/GPRS | 2700977 | \u003e= FW 4.42 |\n| ILC 3xx | All variants | FW 3.98 |\n| AXC 1050 | 2700988 | \u003e= FW 3.01, FW 5.00 (WBM) |\n| AXC 1050 XC | 2701295 | \u003e= FW 3.01, FW 5.00 (WBM) |\n| AXC 3050 | 2700989 | \u003e= FW 5.60, FW 6.30 (WBM) |\n| RFC 480S PN 4TX | 2404577 | FW 6.10 |\n| RFC 470 PN 3TX | 2916600 | \u003e= FW 4.20 |\n| RFC 470S PN 3TX | 2916794 | \u003e= FW 4.20 |\n| RFC 460R PN 3TX | 2700784 | \u003e= FW 5.00 |\n| RFC 460R PN 3TX-S | 1096407 | FW 5.30 |\n| RFC 430 ETH-IB | 2730190 | not possible |\n| RFC 450 ETH-IB | 2730200 | not possible |\n| PC WORX SRT | 2701680 | not possible |\n| PC WORX RT BASIC | 2700291 | not possible |\n| FC 350 PCI ETH | 2730844 | not possible |",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016"
]
}
],
"title": "CVE-2019-9201"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…