You are here

phoenix contact

PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx Series (ICSA-18-137-02)

The NCCIC has released an advisory on command injection, information exposure, and stack-based buffer overflow vulnerabilities in PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx Series. All FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32 are affected. Successful exploitation of these vulnerabilities could allow for remote code execution and information disclosure. PHOENIX CONTACT recommends that affected users upgrade to firmware Version 1.34 or higher.

PHOENIX CONTACT mGuard (ICSA-18-030-01)

ICS-CERT has released an advisory on a PHOENIX CONTACT mGuard vulnerability. Versions 7.2 to 8.6.0 are affected. Successful exploitation of this vulnerability could allow for an attacker to modify firmware update packages. PHOENIX CONTACT recommends that affected users upgrade to firmware version 8.6.1. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

PHOENIX CONTACT FL SWITCH (ICSA-18-011-03)

ICS-CERT has released an advisory on a PHOENIX CONTACT FL SWITCH vulnerability. All FL SWITCH 3xxx, 4xxx, and 48xxx products running firmware Version 1.0 to 1.32 are affected. Successful exploitation of these vulnerabilities may allow an unauthenticated remote attacker to gain administrative privileges and expose information to unauthenticated users. PHOENIX CONTACT recommends that affected users upgrade to firmware Version 1.33 or higher. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

PHOENIX CONTACT WLAN Capable Devices Using the WPA2 Protocol (ICSA-17-325-01)

ICS-CERT has released an advisory on a PHOENIX CONTACT WLAN capable devices using the WPA2 Protocol vulnerability. Numerous versions of these devices are affected. Successful exploitation of this vulnerability could allow an attacker to operate as a “man-in-the-middle” between a device and a wireless access point.

PHOENIX CONTACT mGuard Device Manager (ICSA-17-262-01)

ICS-CERT has released an advisory on a PHOENIX CONTACT mGuard Device Manager. Versions 1.8.0 and older are affected. Successful exploitation of these vulnerabilities could allow unauthorized remote access, modification of data, and may allow remote and local users to gain elevated privileges. PHOENIX CONTACT recommends that all users of the affected product on Windows should update to at least Version 1.8.0.1. ICS-CERT.

PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware (ICSA-17-250-02)

ICS-CERT has released an advisory on a PHOENIX CONTACT, Innominate Security Technologies mGuard firmware vulnerability. Versions 8.0.0 to 8.5.1 of the firmware running on a variety of mGuard Network Security Appliances are affected. Successful exploitation of this vulnerability could allow attackers to cause a remote denial of service and force a restart of all IPSec connections. PHOENIX CONTACT and Innominate Security Technologies recommend users update to firmware Version 8.5.2 or higher, which fixes this vulnerability.

Subscribe to phoenix contact