First published: Wed Jun 23 2021
Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1, in all versions and variants, are affected by a denial-of-service vulnerability. The communication protocols and device access do not implement any authentication. A remote attacker can send specially crafted IP packets that cause a denial of service in the PLC's network communication module; a successful attack stops all network communication, and the device must be restarted to restore connectivity. The automation task is not affected.
Credit: info@cert.vde.com
Affected Software | Affected Version | How to fix
---|---|---
Phoenixcontact Ilc1x0 Firmware | All versions/variants | No fix listed; see Temporary Fix / Mitigation below
Phoenixcontact Ilc1x0 | All versions/variants | No fix listed; see Temporary Fix / Mitigation below
Phoenixcontact Ilc1x1 Firmware | All versions/variants | No fix listed; see Temporary Fix / Mitigation below
Phoenixcontact Ilc1x1 | All versions/variants | No fix listed; see Temporary Fix / Mitigation below
Temporary Fix / Mitigation: Phoenix Contact recommends operating network-capable devices in closed networks or protected by a suitable firewall. For detailed information on the recommended measures to protect network-capable devices, refer to the Phoenix Contact application note "Measures to protect network-capable devices with Ethernet connection" (https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).
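A concrete form of the firewall recommendation above, as an added example that is not from this page, from the VDE advisory or from Phoenix Contact: an nftables ruleset for a Linux gateway placed between the plant network and the PLC cell. The addresses (engineering station 192.168.10.5, SCADA/HMI 192.168.10.6, PLC 192.168.20.20) and the interface names eth0/eth1 are assumptions. Because the controller itself performs no authentication, the allowlist is the only control in play: any host the firewall lets through can still trigger the fault, so keep the list short and log what is dropped.

```nft
#!/usr/sbin/nft -f
# Added example ruleset, not the advisory's own content. All addresses and
# interface names below are assumptions for illustration:
#   eth0 = plant network side, eth1 = PLC cell side
#   192.168.10.5 engineering station, 192.168.10.6 SCADA/HMI, 192.168.20.20 PLC
flush ruleset

table inet plc_cell {
    set allowed_clients {
        type ipv4_addr
        elements = { 192.168.10.5, 192.168.10.6 }
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies on connections the cell already has may pass; junk is dropped early.
        ct state established,related accept
        ct state invalid drop

        # Only the listed hosts may initiate traffic toward the PLC. Every other
        # source on the plant network has no path to the device at all.
        iifname "eth0" oifname "eth1" ip saddr @allowed_clients ip daddr 192.168.20.20 accept

        # Outbound from the cell (e.g. time sync, logging) stays restricted to the
        # same hosts, so a compromised cell cannot reach the rest of the plant.
        iifname "eth1" oifname "eth0" ip saddr 192.168.20.20 ip daddr @allowed_clients accept

        # Everything else is logged (rate limited) before the chain policy drops it.
        # Unexpected sources in this log are scans or misconfigured equipment to chase.
        limit rate 10/second log prefix "plc_cell drop: "
    }
}
```

Load it with `nft -f plc-cell.nft` and verify from a host that is not in `allowed_clients` that the PLC no longer answers. Since a successful attack only shows up as the controller going silent on the network while the automation task keeps running, pair the firewall with a reachability monitor for the PLC address so a stopped network module is noticed promptly rather than at the next engineering session.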
The vulnerability ID is CVE-2021-33541.
The affected software versions/variants are Phoenix Contact Classic Line Controllers ILC1x0 and ILC1x1 in all versions/variants.
The severity of the vulnerability is high, with a CVSS score of 7.5.
The vulnerability allows remote attackers to cause a denial of service.
Please refer to the advisory for remediation steps: https://cert.vde.com/en-us/advisories/vde-2021-019