#VU18692 Cryptographic issues in PLCNext AXC F 2152 - CVE-2018-7559

Published: June 6, 2019


Vulnerability identifier: #VU18692
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-7559
CWE-ID: CWE-310
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
PLCNext AXC F 2152
Software vendor:
Phoenix Contact GmbH

Description

The vulnerability allows a remote attacker to decrypt passwords.

The vulnerability exists due to an error in the OPC UA Server that allows an attacker to determine the Server's private key. A remote attacker can send specially constructed UserIdentityTokens, encrypted with the Basic128Rsa15 security policy, as part of an oracle attack and decrypt passwords even if they were encrypted with another security policy such as Basic256Sha256.
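Basic128Rsa15 wraps the token's password with RSA PKCS#1 v1.5 padding, so after the private-key operation the server has to validate and strip that padding. The following is an added illustration (not code from the advisory, Phoenix Contact, or the OPC Foundation) of the server-side pattern such an oracle attack depends on: a decoder whose distinct error responses tell the caller which padding check failed, beside one that gives a single uniform answer. The assumption that a distinguishable decode failure is the leaked signal is mine; the advisory only states that an oracle attack is possible.

```python
import os

class PaddingError(Exception):
    """Raised by the leaky decoder; its message is the oracle."""

def unpad_leaky(block: bytes) -> bytes:
    """PKCS#1 v1.5 type-2 unpadding that reports *why* a block is invalid.

    Each distinct error tells a remote caller which check failed on the
    (attacker-chosen) ciphertext, which is the per-query bit an oracle
    attack needs to recover data encrypted under the same RSA key.
    """
    if block[:2] != b"\x00\x02":
        raise PaddingError("bad block type")
    sep = block.find(b"\x00", 2)
    if sep == -1:
        raise PaddingError("no separator")
    if sep - 2 < 8:
        raise PaddingError("padding too short")
    return block[sep + 1:]

def leaky_reason(block: bytes) -> str:
    """What a remote caller learns from the leaky decoder."""
    try:
        unpad_leaky(block)
        return "ok"
    except PaddingError as exc:
        return str(exc)

def unpad_uniform(block: bytes) -> tuple[bool, bytes]:
    """Same format check, but every failure looks the same to the caller.

    All checks run to completion and are folded into one flag; on failure
    the caller gets random filler instead of an error, so it proceeds to a
    generic authentication failure without revealing which byte was wrong.
    Timing channels (constant-time separator search, fixed-length output)
    still need separate treatment and are not shown here.
    """
    bad = int(len(block) < 11)                     # minimum: 00 02 + 8 pad + 00
    padded = block + b"\x00" * (11 - len(block))   # keep indexing total below
    bad |= padded[0] | (padded[1] ^ 0x02)          # header must be 00 02
    sep = padded.find(b"\x00", 2)
    bad |= int(sep == -1)
    bad |= int(sep != -1 and sep - 2 < 8)
    msg = padded[sep + 1:] if sep != -1 else b""
    if bad:
        return False, os.urandom(16)               # one indistinguishable outcome
    return True, msg
```

Removing Basic128Rsa15 from the offered endpoints, as the vendor update does, takes the PKCS#1 v1.5 path out of reach entirely; the uniform decoder only matters where that policy must stay enabled.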

The vulnerability affects the following PLCNext AXC F 2152 products:
  • AXC F 2152: article number 2404267
  • AXC F 2152: article number 1046568 (Starterkit)

Remediation

Install updates from the vendor's website.

External links