Design/Logic Flaw

2021-06-2519:15:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.5%

JSON

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.

CPENameOperatorVersion
fl_nat_smn_8tx-m_firmwarele4.63
fl_nat_smn_8tx_firmwarele4.63
fl_switch_smcs_14tx\\/2fx-sm_firmwarele4.70
fl_switch_smcs_14tx\\/2fx_firmwarele4.70
fl_switch_smcs_16tx_firmwarele4.70
fl_switch_smcs_4tx-pn_firmwarele4.70
fl_switch_smcs_6gt\\/2sfp_firmwarele4.70
fl_switch_smcs_6tx\\/2sfp_firmwarele4.70
fl_switch_smcs_8gt_firmwarele4.70
fl_switch_smcs_8tx-pn_firmwarele4.70

Name	Operator	Version
fl_nat_smn_8tx-m_firmware	le	4.63
fl_nat_smn_8tx_firmware	le	4.63
fl_switch_smcs_14tx\\/2fx-sm_firmware	le	4.70
fl_switch_smcs_14tx\\/2fx_firmware	le	4.70
fl_switch_smcs_16tx_firmware	le	4.70
fl_switch_smcs_4tx-pn_firmware	le	4.70
fl_switch_smcs_6gt\\/2sfp_firmware	le	4.70
fl_switch_smcs_6tx\\/2sfp_firmware	le	4.70
fl_switch_smcs_8gt_firmware	le	4.70
fl_switch_smcs_8tx-pn_firmware	le	4.70

Rows per page:

1-10 of 151

References

cert.vde.com/en-us/advisories/vde-2021-023