Four New Vulnerabilities in Phoenix Contact Industrial Switches

  /     /     /  
Publicated : 22/11/2024   Category : security


Four New Vulnerabilities in Phoenix Contact Industrial Switches


A series of newly disclosed vulnerabilities could allow an attacker to gain control of industrial switches.



Phoenix Contact has disclosed four vulnerabilities in switches in the FL SWITCH industrial line. The affected devices are typically used in automated processes at digital substations, oil and gas, maritime, and other industrial applications.
The vulnerabilities were discovered by Positive Technologies researchers Vyacheslav Moskvin, Semyon Sokolov, Evgeny Druzhinin, Ilya Karpov, and Georgy Zaytsev.
Two of the vulnerabilities, CVE-2018-10730 and CVE-2018-10731, could allow an attacker to run arbitrary code on a switch.
CVE-2018-10728 involves a buffer overflow that could be exploited to perform a DoS attack, disable web and telnet services, or run arbitrary code, while CVE-2018-10729 would allow an unauthorized user to read the contents of the switch config file.
The vulnerabilities affect FL SWITCH models 3xxx, 4xxx, and 48xxx running firmware versions 1.0–1.33. The vendor strongly recommends updating to firmware version 1.34 as remediation for the vulnerabilities.
For more, read
here
.
Why Cybercriminals Attack: A DARK READING VIRTUAL EVENT Wednesday, June 27. Industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. Go
here
for more information on this free event.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Four New Vulnerabilities in Phoenix Contact Industrial Switches