#VU12813 OS command injection in Phoenix Contact GmbH products - CVE-2018-10730

Vulnerability identifier: #VU12813

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2018-10730

CWE-ID: CWE-78

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
FL SWITCH 4000T-8POE-2SFP-R
FL SWITCH 3012E-2FX SM
FL SWITCH 4800E-24FX SM-4GC
FL SWITCH 4800E-24FX-4GC
FL SWITCH 4824E-4GC
FL SWITCH 4012T-2GT-2FX ST
FL SWITCH 4012T 2GT 2FX
FL SWITCH 4808E-16FX SM LC-4GC
FL SWITCH 4808E-16FX-4GC
FL SWITCH 4808E-16FX ST-4GC
FL SWITCH 4808E-16FX SM ST-4GC
FL SWITCH 4808E-16FX SM-4GC
FL SWITCH 4808E-16FX LC-4GC
FL SWITCH 4008T-2GT-3FX SM
FL SWITCH 4008T-2GT-4FX SM
FL SWITCH 4008T-2SFP
FL SWITCH 3006T-2FX SM
FL SWITCH 3016T
FL SWITCH 3016
FL SWITCH 3016E
FL SWITCH 3012E-2SFX
FL SWITCH 3006T-2FX ST
FL SWITCH 3006T-2FX
FL SWITCH 3008T
FL SWITCH 3008
FL SWITCH 3004T-FX ST
FL SWITCH 3004T-FX
FL SWITCH 3005T
FL SWITCH 3005

Software vendor:
Phoenix Contact GmbH

The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.

The weakness exists due to command injection. A remote attacker with permission to transfer configuration files to or from the switch or permission to upgrade firmware can execute arbitrary OS shell commands.

Successful exploitation of the vulnerability may result in system compromise.

Update to version 1.34 or later.

• https://ics-cert.us-cert.gov/advisories/ICSA-18-137-02