CVE-2018-10728: Buffer Overflow
First published: Thu May 17 2018(Updated: )
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Phoenixcontact Fl Switch 3005 Firmware | >1.0<=1.33 | |
| Phoenixcontact Fl Switch 3005 | ||
| Phoenixcontact Fl Switch 3005t Firmware | >=1.0<=1.33 | |
| Phoenix Contact FL Switch 3005T | ||
| Phoenixcontact Fl Switch 3004t-fx St Firmware | >=1.0<=1.33 | |
| Phoenix Contact FL Switch 3004T-FX | ||
| Phoenixcontact Fl Switch 3004t-fx St Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3004t-fx St Firmware | ||
| Phoenixcontact Fl Switch 3008 Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3008 | ||
| Phoenixcontact Fl Switch 3008t Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3008t Firmware | ||
| Phoenixcontact Fl Switch 3006t-2fx Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3006t-2fx Sm Firmware | ||
| Phoenix Contact FL Switch 3006T-2FX ST Firmware | >=1.0<=1.33 | |
| Phoenix Contact FL Switch 3006T-2FX ST Firmware | ||
| Phoenixcontact FL Switch 3012e-2sfx | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3012e-2sfx Firmware | ||
| Phoenixcontact Fl Switch 3016e Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3016e Firmware | ||
| Phoenixcontact FL Switch 3016t Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3016 | ||
| Phoenixcontact FL Switch 3016t Firmware | >=1.0<=1.33 | |
| Phoenixcontact FL Switch 3016t Firmware | ||
| Phoenixcontact Fl Switch 3006t-2fx Sm Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3006t-2fx Sm Firmware | ||
| Phoenixcontact Fl Switch 4008t-2sfp Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4008t-2sfp Firmware | ||
| Phoenixcontact Fl Switch 4008t-2gt-4fx Sm | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4008t-2gt-4fx Sm Firmware | ||
| Phoenixcontact Fl Switch 4008t-2gt-3fx Sm | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4008t-2gt-3fx Sm Firmware | ||
| Phoenixcontact Fl Switch 4808e-16fx Lc-4gc | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx Lc-4gc Firmware | ||
| Phoenixcontact Fl Switch 4808e-16fx Sm-4gc Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx Sm-4gc Firmware | ||
| Phoenixcontact Fl Switch 4808e-16fx Sm St-4gc | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx Sm St-4gc Firmware | ||
| Phoenix Contact FL Switch 4808E-16FX ST-4GC | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx St-4gc Firmware | ||
| Phoenixcontact Fl Switch 4808e-16fx Sm Lc-4gc Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx-4gc | ||
| Phoenixcontact Fl Switch 4808e-16fx Sm Lc-4gc Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4808e-16fx Sm Lc-4gc Firmware | ||
| Phoenixcontact FL Switch 4012T 2GT 2FX | >=1.0<=1.33 | |
| Phoenix Contact FL Switch 4012T-2GT-2FX ST Firmware | ||
| Phoenixcontact FL Switch 4012T 2GT 2FX | >=1.0<=1.33 | |
| Phoenixcontact FL Switch 4012T 2GT 2FX | ||
| Phoenixcontact Fl Switch 4824e-4gc Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4824e-4gc | ||
| Phoenixcontact Fl Switch 4800e-24fx Sm-4gc Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4800e-24fx Sm-4gc Firmware | ||
| Phoenixcontact Fl Switch 4800e-24fx Sm-4gc | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4800e-24fx Sm-4gc Firmware | ||
| Phoenixcontact Fl Switch 3012e-2fx Sm Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 3012e-2fx Sm Firmware | ||
| Phoenixcontact Fl Switch 4000t-8poe-2sfp-r Firmware | >=1.0<=1.33 | |
| Phoenixcontact Fl Switch 4000t-8poe-2sfp-r Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-10728?
CVE-2018-10728 is classified as a buffer overflow vulnerability, which can lead to potential system crashes or remote code execution.
How do I fix CVE-2018-10728?
To mitigate CVE-2018-10728, update the firmware of all affected Phoenix Contact managed FL SWITCH products to a version later than 1.33.
Which products are affected by CVE-2018-10728?
CVE-2018-10728 affects Phoenix Contact managed FL SWITCH products running firmware versions 1.0 to 1.33, including models like FL SWITCH 3005 and FL SWITCH 4808e.
What are the risks associated with CVE-2018-10728?
The risks associated with CVE-2018-10728 include unauthorized access, data corruption, and complete loss of device functionality due to buffer overflow exploitation.
Is there a workaround for CVE-2018-10728?
As a workaround for CVE-2018-10728, temporarily segmenting networks or disabling remote management features may reduce exposure until firmware updates can be applied.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/phoenixcontact
- canonical/phoenixcontact fl switch 3005 firmware
- version/phoenixcontact fl switch 3005 firmware/1.33
- canonical/phoenixcontact fl switch 3005
- canonical/phoenixcontact fl switch 3005t firmware
- version/phoenixcontact fl switch 3005t firmware/1.0
- version/phoenixcontact fl switch 3005t firmware/1.33
- canonical/phoenix contact fl switch 3005t
- canonical/phoenixcontact fl switch 3004t-fx st firmware
- version/phoenixcontact fl switch 3004t-fx st firmware/1.0
- version/phoenixcontact fl switch 3004t-fx st firmware/1.33
- canonical/phoenix contact fl switch 3004t-fx
- canonical/phoenixcontact fl switch 3008 firmware
- version/phoenixcontact fl switch 3008 firmware/1.0
- version/phoenixcontact fl switch 3008 firmware/1.33
- canonical/phoenixcontact fl switch 3008
- canonical/phoenixcontact fl switch 3008t firmware
- version/phoenixcontact fl switch 3008t firmware/1.0
- version/phoenixcontact fl switch 3008t firmware/1.33
- canonical/phoenixcontact fl switch 3006t-2fx firmware
- version/phoenixcontact fl switch 3006t-2fx firmware/1.0
- version/phoenixcontact fl switch 3006t-2fx firmware/1.33
- canonical/phoenixcontact fl switch 3006t-2fx sm firmware
- canonical/phoenix contact fl switch 3006t-2fx st firmware
- version/phoenix contact fl switch 3006t-2fx st firmware/1.0
- version/phoenix contact fl switch 3006t-2fx st firmware/1.33
- canonical/phoenixcontact fl switch 3012e-2sfx
- version/phoenixcontact fl switch 3012e-2sfx/1.0
- version/phoenixcontact fl switch 3012e-2sfx/1.33
- canonical/phoenixcontact fl switch 3012e-2sfx firmware
- canonical/phoenixcontact fl switch 3016e firmware
- version/phoenixcontact fl switch 3016e firmware/1.0
- version/phoenixcontact fl switch 3016e firmware/1.33
- canonical/phoenixcontact fl switch 3016t firmware
- version/phoenixcontact fl switch 3016t firmware/1.0
- version/phoenixcontact fl switch 3016t firmware/1.33
- canonical/phoenixcontact fl switch 3016
- version/phoenixcontact fl switch 3006t-2fx sm firmware/1.0
- version/phoenixcontact fl switch 3006t-2fx sm firmware/1.33
- canonical/phoenixcontact fl switch 4008t-2sfp firmware
- version/phoenixcontact fl switch 4008t-2sfp firmware/1.0
- version/phoenixcontact fl switch 4008t-2sfp firmware/1.33
- canonical/phoenixcontact fl switch 4008t-2gt-4fx sm
- version/phoenixcontact fl switch 4008t-2gt-4fx sm/1.0
- version/phoenixcontact fl switch 4008t-2gt-4fx sm/1.33
- canonical/phoenixcontact fl switch 4008t-2gt-4fx sm firmware
- canonical/phoenixcontact fl switch 4008t-2gt-3fx sm
- version/phoenixcontact fl switch 4008t-2gt-3fx sm/1.0
- version/phoenixcontact fl switch 4008t-2gt-3fx sm/1.33
- canonical/phoenixcontact fl switch 4008t-2gt-3fx sm firmware
- canonical/phoenixcontact fl switch 4808e-16fx lc-4gc
- version/phoenixcontact fl switch 4808e-16fx lc-4gc/1.0
- version/phoenixcontact fl switch 4808e-16fx lc-4gc/1.33
- canonical/phoenixcontact fl switch 4808e-16fx lc-4gc firmware
- canonical/phoenixcontact fl switch 4808e-16fx sm-4gc firmware
- version/phoenixcontact fl switch 4808e-16fx sm-4gc firmware/1.0
- version/phoenixcontact fl switch 4808e-16fx sm-4gc firmware/1.33
- canonical/phoenixcontact fl switch 4808e-16fx sm st-4gc
- version/phoenixcontact fl switch 4808e-16fx sm st-4gc/1.0
- version/phoenixcontact fl switch 4808e-16fx sm st-4gc/1.33
- canonical/phoenixcontact fl switch 4808e-16fx sm st-4gc firmware
- canonical/phoenix contact fl switch 4808e-16fx st-4gc
- version/phoenix contact fl switch 4808e-16fx st-4gc/1.0
- version/phoenix contact fl switch 4808e-16fx st-4gc/1.33
- canonical/phoenixcontact fl switch 4808e-16fx st-4gc firmware
- canonical/phoenixcontact fl switch 4808e-16fx sm lc-4gc firmware
- version/phoenixcontact fl switch 4808e-16fx sm lc-4gc firmware/1.0
- version/phoenixcontact fl switch 4808e-16fx sm lc-4gc firmware/1.33
- canonical/phoenixcontact fl switch 4808e-16fx-4gc
- canonical/phoenixcontact fl switch 4012t 2gt 2fx
- version/phoenixcontact fl switch 4012t 2gt 2fx/1.0
- version/phoenixcontact fl switch 4012t 2gt 2fx/1.33
- canonical/phoenix contact fl switch 4012t-2gt-2fx st firmware
- canonical/phoenixcontact fl switch 4824e-4gc firmware
- version/phoenixcontact fl switch 4824e-4gc firmware/1.0
- version/phoenixcontact fl switch 4824e-4gc firmware/1.33
- canonical/phoenixcontact fl switch 4824e-4gc
- canonical/phoenixcontact fl switch 4800e-24fx sm-4gc firmware
- version/phoenixcontact fl switch 4800e-24fx sm-4gc firmware/1.0
- version/phoenixcontact fl switch 4800e-24fx sm-4gc firmware/1.33
- canonical/phoenixcontact fl switch 4800e-24fx sm-4gc
- version/phoenixcontact fl switch 4800e-24fx sm-4gc/1.0
- version/phoenixcontact fl switch 4800e-24fx sm-4gc/1.33
- canonical/phoenixcontact fl switch 3012e-2fx sm firmware
- version/phoenixcontact fl switch 3012e-2fx sm firmware/1.0
- version/phoenixcontact fl switch 3012e-2fx sm firmware/1.33
- canonical/phoenixcontact fl switch 4000t-8poe-2sfp-r firmware
- version/phoenixcontact fl switch 4000t-8poe-2sfp-r firmware/1.0
- version/phoenixcontact fl switch 4000t-8poe-2sfp-r firmware/1.33