VDE-2021-052

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2021-11-03 09:45 - Updated: 2025-05-22 13:03
Summary
PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability
Notes
Summary: PC Worx / -Express is vulnerable to a 'zip slip' style vulnerability when loading a project file.
Impact: Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities. Automated systems in operation which were programmed with one of the above-mentioned products are not affected.
Mitigation: We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email. In addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity.
Remediation: With the next version of Automation Worx Software Suite additional plausibility checks for archive content will be implemented.
CWE-20 - Improper Input Validation
Acknowledgments
Jake Baines, Dragos Inc. (www.dragos.com)

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERTVDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Jake Baines"
        ],
        "organization": "Dragos Inc.",
        "summary": "reporting",
        "urls": [
          "https://www.dragos.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "PC Worx / -Express is vulnerable to a \u0027zip slip\u0027 style vulnerability when loading a project file.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.\nAutomated systems in operation which were programmed with one of the above-mentioned products are not affected.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "With the next version of Automation Worx Software Suite additional plausibility checks for archive content will be implemented.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "external",
        "summary": "PHOENIX CONTACT advisory overview at CERT@VDE",
        "url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2021-052: PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2021-052"
      },
      {
        "category": "self",
        "summary": "VDE-2021-052: PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-052.json"
      }
    ],
    "title": "PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability",
    "tracking": {
      "aliases": [
        "VDE-2021-052"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-03-11T16:16:41.541Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.20"
        }
      },
      "id": "VDE-2021-052",
      "initial_release_date": "2021-11-03T09:45:00.000Z",
      "revision_history": [
        {
          "date": "2021-11-03T09:45:00.000Z",
          "number": "1",
          "summary": "initial revision"
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "2",
          "summary": "Fix: quotation mark"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "PC Worx",
                "product": {
                  "name": "PHOENIX CONTACT PC Worx",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "PC Worx Express",
                "product": {
                  "name": "PHOENIX CONTACT PC Worx Express",
                  "product_id": "CSAFPID-11002"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.88",
                "product": {
                  "name": "Firmware \u003c=1.88",
                  "product_id": "CSAFPID-21001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "PHOENIX CONTACT GmbH \u0026 Co. KG"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ],
        "summary": "affected products"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.88 installed on PHOENIX CONTACT PC Worx",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.88 installed on PHOENIX CONTACT PC Worx Express",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-34597",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory."
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "We strongly recommend customers to exchange project files only using secure file exchange services. Project files should not be exchanged via unencrypted email.\nIn addition, we recommend exchanging or storing project files together with a checksum to ensure their integrity.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "With the next version of Automation Worx Software Suite additional plausibility checks for archive content will be implemented.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002"
          ]
        }
      ],
      "title": "CVE-2021-34597"
    }
  ]
}

