VDE-2021-025

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2021-06-23 12:19 - Updated: 2025-05-14 12:28
Summary
PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products
Notes
Summary: A Denial of Service and a CA Check Problem have been identified in multiple openSSL 1.1.1 versions, which are utilized in the Phoenix Contact products listed above.
Impact: Note: ILC 20250 is only affected by CVE-2021-3449
Mitigation: Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Measures to protect network-capable devices with Ethernet connection
Remediation: Phoenix Contact strongly recommends updating to the latest firmware mentioned in the list of affected products, which fixes this vulnerability. A fix for ILC 2050, and some TC ROUTER and CLOUD CLIENT devices will be available end of Q2 2021. This advisory will be updated as soon as the fixes are available for download.
CVE-2021-3450

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).

7.4 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE-295 - Improper Certificate Validation
Mitigation Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Measures to protect network-capable devices with Ethernet connection.
CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

7.4 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE-476 - NULL Pointer Dereference
Mitigation Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Measures to protect network-capable devices with Ethernet connection.
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "A Denial of Service and a CA Check Problem have been identified in multiple openSSL 1.1.1 versions, which are utilized in the Phoenix Contact products listed above.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Note: ILC 20250 is only affected by CVE-2021-3449",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\nMeasures to protect network-capable devices with Ethernet connection ",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Phoenix Contact strongly recommends updating to the latest firmware mentioned in the list of affected products, which fixes this vulnerability.\nA fix for ILC 2050, and some TC ROUTER and CLOUD CLIENT devices will be available end of Q2 2021. This advisory will be updated as soon as the fixes are available for download.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "external",
        "summary": "PHOENIX CONTACT advisory overview at CERT@VDE",
        "url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2021-025: PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2020-007"
      },
      {
        "category": "self",
        "summary": "VDE-2021-025: PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-025.json"
      }
    ],
    "title": "PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products",
    "tracking": {
      "aliases": [
        "VDE-2021-025"
      ],
      "current_release_date": "2025-05-14T12:28:19.000Z",
      "generator": {
        "date": "2025-02-10T09:23:12.720Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.18"
        }
      },
      "id": "VDE-2021-025",
      "initial_release_date": "2021-06-23T12:19:00.000Z",
      "revision_history": [
        {
          "date": "2021-05-04T08:17:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-02-10T09:30:00.000Z",
          "number": "2",
          "summary": "Update: Provider data has been corrected"
        },
        {
          "date": "2025-05-14T12:28:19.000Z",
          "number": "3",
          "summary": "Fix: version space, added distribution"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CLOUD CLIENT 1101T-TX/TX",
                "product": {
                  "name": "CLOUD CLIENT 1101T-TX/TX",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1221706"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "CLOUD CLIENT 2002T-4G EU",
                "product": {
                  "name": "CLOUD CLIENT 2002T-4G EU",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1234355"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "CLOUD CLIENT 2002T-WLAN",
                "product": {
                  "name": "CLOUD CLIENT 2002T-WLAN",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1234360"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "CLOUD CLIENT 2102T-4G EU WLAN",
                "product": {
                  "name": "CLOUD CLIENT 2102T-4G EU WLAN",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1234357"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "ENERGY AXC PU",
                "product": {
                  "name": "ENERGY AXC PU",
                  "product_id": "CSAFPID-11005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1264327"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "ILC 2050 BI",
                "product": {
                  "name": "ILC 2050 BI",
                  "product_id": "CSAFPID-11006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2403160"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "ILC 2050 BI-L",
                "product": {
                  "name": "ILC 2050 BI-L",
                  "product_id": "CSAFPID-11007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2404671"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SMARTRTU AXC IG",
                "product": {
                  "name": "SMARTRTU AXC IG",
                  "product_id": "CSAFPID-11008",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1264328"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SMARTRTU AXC SG",
                "product": {
                  "name": "SMARTRTU AXC SG",
                  "product_id": "CSAFPID-11009",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1110435"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 2002T-3G",
                "product": {
                  "name": "TC ROUTER 2002T-3G",
                  "product_id": "CSAFPID-11010",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702529",
                      "2702531"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 3002T-4G",
                "product": {
                  "name": "TC ROUTER 3002T-4G",
                  "product_id": "CSAFPID-11011",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702528",
                      "2702530"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 3002T-4G ATT",
                "product": {
                  "name": "TC ROUTER 3002T-4G ATT",
                  "product_id": "CSAFPID-11012",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702533"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 3002T-4G VZW",
                "product": {
                  "name": "TC ROUTER 3002T-4G VZW",
                  "product_id": "CSAFPID-11013",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2702532"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 4002T-4G EU",
                "product": {
                  "name": "TC ROUTER 4002T-4G EU",
                  "product_id": "CSAFPID-11014",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1234352"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TC ROUTER 4102T-4G EU WLAN",
                "product": {
                  "name": "TC ROUTER 4102T-4G EU WLAN",
                  "product_id": "CSAFPID-11015",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1234353",
                      "1234354"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "AXC F 1152",
                "product": {
                  "name": "AXC F 1152",
                  "product_id": "CSAFPID-11016",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1151412"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "AXC F 2152",
                "product": {
                  "name": "AXC F 2152",
                  "product_id": "CSAFPID-11017",
                  "product_identification_helper": {
                    "model_numbers": [
                      "2404267"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "AXC F 3152",
                "product": {
                  "name": "AXC F 3152",
                  "product_id": "CSAFPID-11018",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1069208"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "RFC 4072S",
                "product": {
                  "name": "RFC 4072S",
                  "product_id": "CSAFPID-11019",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1051328"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "AXC F 2152 Starterkit",
                "product": {
                  "name": "AXC F 2152 Starterkit",
                  "product_id": "CSAFPID-11020",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1046568"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "PLCnext Technology Starterkit",
                "product": {
                  "name": "PLCnext Technology Starterkit",
                  "product_id": "CSAFPID-11021",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1188165"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FL MGUARD DM UNLIMITED",
                "product": {
                  "name": "FL MGUARD DM UNLIMITED",
                  "product_id": "CSAFPID-11022"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.06.5",
                "product": {
                  "name": "Firmware \u003c2.06.5",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=4.5.72.100",
                "product": {
                  "name": "Firmware \u003c=4.5.72.100",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=V4.10.0.0",
                "product": {
                  "name": "Firmware \u003c=V4.10.0.0",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=1.5.1",
                "product": {
                  "name": "Firmware \u003c=1.5.1",
                  "product_id": "CSAFPID-21004"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=V1.0.0.0",
                "product": {
                  "name": "Firmware \u003c=V1.0.0.0",
                  "product_id": "CSAFPID-21005"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=V1.6.0.1",
                "product": {
                  "name": "Firmware \u003c=V1.6.0.1",
                  "product_id": "CSAFPID-21006"
                }
              },
              {
                "category": "product_version",
                "name": "2021.0.5 LTS",
                "product": {
                  "name": "Firmware 2021.0.5 LTS",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "category": "product_version",
                "name": "1.13",
                "product": {
                  "name": "Firmware 1.13",
                  "product_id": "CSAFPID-22002"
                }
              },
              {
                "category": "product_version",
                "name": "2.06.5",
                "product": {
                  "name": "Firmware 2.06.5",
                  "product_id": "CSAFPID-22003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=2021.0 LTS",
                "product": {
                  "name": "Firmware \u003c=2021.0 LTS",
                  "product_id": "CSAFPID-21007"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=1.12",
                "product": {
                  "name": "Firmware \u003c=1.12",
                  "product_id": "CSAFPID-21008"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "PHOENIX CONTACT"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022"
        ],
        "summary": "Affected Products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012"
        ],
        "summary": "Fixed Products"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c2.06.5 installed on CLOUD CLIENT 1101T-TX/TX",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=4.5.72.100 installed on CLOUD CLIENT 2002T-4G EU",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=4.5.72.100 installed on CLOUD CLIENT 2002T-WLAN",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=4.5.72.100 installed on CLOUD CLIENT 2102T-4G EU WLAN",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=V4.10.0.0 installed on ENERGY AXC PU",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.5.1 installed on ILC 2050 BI",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.5.1 installed on ILC 2050 BI-L",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=V1.0.0.0 installed on SMARTRTU AXC IG",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=V1.6.0.1 installed on SMARTRTU AXC SG",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c2.06.5 installed on TC ROUTER 2002T-3G",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c2.06.5 installed on TC ROUTER 3002T-4G",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c2.06.5 installed on TC ROUTER 3002T-4G ATT",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c2.06.5 installed on TC ROUTER 3002T-4G VZW",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=4.5.72.100 installed on TC ROUTER 4002T-4G EU",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=4.5.72.100 installed on TC ROUTER 4102T-4G EU WLAN",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.06.5 installed on TC ROUTER 3002T-4G",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.06.5 installed on TC ROUTER 2002T-3G",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.06.5 installed on TC ROUTER 3002T-4G VZW",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.06.5 installed on TC ROUTER 3002T-4G ATT",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.06.5 installed on CLOUD CLIENT 1101T-TX/TX",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on AXC F 1152",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on AXC F 2152",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on AXC F 3152",
          "product_id": "CSAFPID-31018"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on RFC 4072S",
          "product_id": "CSAFPID-31019"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on AXC F 2152 Starterkit",
          "product_id": "CSAFPID-31020"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2021.0 LTS installed on PLCnext Technology Starterkit",
          "product_id": "CSAFPID-31021"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11021"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.12 installed on FL MGUARD DM UNLIMITED",
          "product_id": "CSAFPID-31022"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11022"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on AXC F 1152",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on AXC F 2152",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on AXC F 3152",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11018"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on RFC 4072S",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11019"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on AXC F 2152 Starterkit",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11020"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2021.0.5 LTS installed on PLCnext Technology Starterkit",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11021"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 1.13 installed on FL MGUARD DM UNLIMITED",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11022"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3450",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a \"purpose\" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named \"purpose\" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\nMeasures to protect network-capable devices with Ethernet connection.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.4,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.4,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022"
          ]
        }
      ],
      "title": "CVE-2021-3450"
    },
    {
      "cve": "CVE-2021-3449",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "description",
          "text": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017",
          "CSAFPID-31018",
          "CSAFPID-31019",
          "CSAFPID-31020",
          "CSAFPID-31021",
          "CSAFPID-31022"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\nMeasures to protect network-capable devices with Ethernet connection.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.4,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.4,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017",
            "CSAFPID-31018",
            "CSAFPID-31019",
            "CSAFPID-31020",
            "CSAFPID-31021",
            "CSAFPID-31022"
          ]
        }
      ],
      "title": "CVE-2021-3449"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.