Multiple vulnerabilities in PHOENIX CONTACT FL SWITCH
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU10010
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-16743
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges.
The weakness exists due to improper authorization. A remote attacker can send a specially crafted HTTP request, bypass authentication and gain administrative privileges on the target device.
Update to version 1.33.
FL SWITCH 4000T-8POE-2SFP-R: All versions
FL SWITCH 3012E-2FX SM: All versions
FL SWITCH 4800E-24FX SM-4GC: All versions
FL SWITCH 4800E-24FX-4GC: All versions
FL SWITCH 4824E-4GC: All versions
FL SWITCH 4012T-2GT-2FX ST: All versions
FL SWITCH 4012T 2GT 2FX: All versions
FL SWITCH 4808E-16FX SM LC-4GC: All versions
FL SWITCH 4808E-16FX-4GC: All versions
FL SWITCH 4808E-16FX ST-4GC: All versions
FL SWITCH 4808E-16FX SM ST-4GC: All versions
FL SWITCH 4808E-16FX SM-4GC: All versions
FL SWITCH 4808E-16FX LC-4GC: All versions
FL SWITCH 4008T-2GT-3FX SM: All versions
FL SWITCH 4008T-2GT-4FX SM: All versions
FL SWITCH 4008T-2SFP: All versions
FL SWITCH 3006T-2FX SM: All versions
FL SWITCH 3016T: All versions
FL SWITCH 3016: All versions
FL SWITCH 3016E: All versions
FL SWITCH 3012E-2SFX: All versions
FL SWITCH 3006T-2FX ST: All versions
FL SWITCH 3006T-2FX: All versions
FL SWITCH 3008T: All versions
FL SWITCH 3008: All versions
FL SWITCH 3004T-FX ST: All versions
FL SWITCH 3004T-FX: All versions
FL SWITCH 3005T: All versions
FL SWITCH 3005: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-011-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU10011
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-16741
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to unspecified error. A remote attacker can use Monitor Mode on the device to read diagnostic information on the target device.
Update to version 1.33.
FL SWITCH 4000T-8POE-2SFP-R: All versions
FL SWITCH 3012E-2FX SM: All versions
FL SWITCH 4800E-24FX SM-4GC: All versions
FL SWITCH 4800E-24FX-4GC: All versions
FL SWITCH 4824E-4GC: All versions
FL SWITCH 4012T-2GT-2FX ST: All versions
FL SWITCH 4012T 2GT 2FX: All versions
FL SWITCH 4808E-16FX SM LC-4GC: All versions
FL SWITCH 4808E-16FX-4GC: All versions
FL SWITCH 4808E-16FX ST-4GC: All versions
FL SWITCH 4808E-16FX SM ST-4GC: All versions
FL SWITCH 4808E-16FX SM-4GC: All versions
FL SWITCH 4808E-16FX LC-4GC: All versions
FL SWITCH 4008T-2GT-3FX SM: All versions
FL SWITCH 4008T-2GT-4FX SM: All versions
FL SWITCH 4008T-2SFP: All versions
FL SWITCH 3006T-2FX SM: All versions
FL SWITCH 3016T: All versions
FL SWITCH 3016: All versions
FL SWITCH 3016E: All versions
FL SWITCH 3012E-2SFX: All versions
FL SWITCH 3006T-2FX ST: All versions
FL SWITCH 3006T-2FX: All versions
FL SWITCH 3008T: All versions
FL SWITCH 3008: All versions
FL SWITCH 3004T-FX ST: All versions
FL SWITCH 3004T-FX: All versions
FL SWITCH 3005T: All versions
FL SWITCH 3005: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/ICSA-18-011-03
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
