First published: Wed May 11 2022
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT, an admin user could use the configuration file uploader in the WebUI to execute arbitrary code with root privileges on the OS. The cause is improper validation of an integrity check value on the uploaded configuration file, present in all versions of the firmware.
Credit: info@cert.vde.com
Affected Software | Affected Version | How to fix
---|---|---
Phoenixcontact Rad-ism-900-en-bd Firmware | |
Phoenixcontact Rad-ism-900-en-bd | |
Phoenixcontact Rad-ism-900-en-bd/b Firmware | |
Phoenixcontact Rad-ism-900-en-bd/b | |
Phoenixcontact Rad-ism-900-en-bd-bus Firmware | |
Phoenixcontact Rad-ism-900-en-bd-bus | |
The vulnerability ID is CVE-2022-29898.
Various RAD-ISM-900-EN-* devices by PHOENIX CONTACT are affected by this vulnerability.
The severity of CVE-2022-29898 is rated critical, with a CVSS score of 9.1.
An authenticated admin user can exploit this vulnerability by uploading a crafted configuration file through the WebUI uploader; because the file's integrity check value is not properly validated, this leads to arbitrary code execution with root privileges on the OS.
Please refer to the advisory by VDE CERT for information on available fixes and mitigations: https://cert.vde.com/en/advisories/VDE-2022-018/