Phoenix Contact ILC PLCs Denial of Service (CVE-2021-33541)

🗓️ 04 Dec 2024 00:00:00Reported by TenableType

Phoenix Contact ILC PLCs are vulnerable to Denial-of-Service attacks without authentication measures.

Reporter	Title	Published	Views	Family All 7
CNNVD	Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 安全漏洞	25 Jun 202100:00	–	cnnvd
CVE	CVE-2021-33541	25 Jun 202118:26	–	cve
Cvelist	CVE-2021-33541 Phoenix Contact: ILC1x Industrial controllers affected by Denial-of-Service vulnerability	25 Jun 202118:26	–	cvelist
EUVD	EUVD-2021-20233	7 Oct 202500:30	–	euvd
NVD	CVE-2021-33541	25 Jun 202119:15	–	nvd
Prion	Authentication flaw	25 Jun 202119:15	–	prion
Tenable Nessus	Phoenix Contact ILC PLCs Denial of Service (CVE-2021-33541)	25 Jan 202300:00	–	nessus

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2021-019
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502787);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/12/04");

  script_cve_id("CVE-2021-33541");

  script_name(english:"Phoenix Contact ILC PLCs Denial of Service (CVE-2021-33541)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all
versions/variants are affected by a Denial-of-Service vulnerability.
The communication protocols and device access do not feature
authentication measures. Remote attackers can use specially crafted IP
packets to cause a denial of service on the PLC's network
communication module. A successful attack stops all network
communication. To restore the network connectivity the device needs to
be restarted. The automation task is not affected.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert.vde.com/en-us/advisories/vde-2021-019");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-33541");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(770);

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/06/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/06/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/12/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:phoenixcontact:ilc1x0_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:phoenixcontact:ilc1x1_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/PhoenixContact");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/PhoenixContact');

var asset = tenable_ot::assets::get(vendor:'PhoenixContact');

var vuln_cpes = {
    "cpe:/o:phoenixcontact:ilc1x0_firmware" :
        {"family" : "ILC"},
    "cpe:/o:phoenixcontact:ilc1x1_firmware" :
        {"family" : "ILC"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

04 Dec 2024 00:00Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.5

CVSS 27.8

EPSS0.01309