ICSA-17-353-02
·
Published 2017-12-19
·
View on CISA ICS-CERT ↗
PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol
CVSS 8.1
HIGH
Risk Summary
ATTENTION: Low skill level is needed to exploit. Public exploits are available.
CVEs (1)
Remediations
- Android: Affected Products: Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201 ecom instruments is actively working on these vulnerabilities. This advisory will updated as soon as further significant details are provided by the vendor, with an emphasis on information about available patches.
- Windows: Affected Products: Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX For ecom instruments devices running Windows, ecom instruments recommends users apply the security update provided by Microsoft. If users are using WPA-TKIP in their WLAN, users should switch to AES-CCMP immediately.
- For more information CERT@VDE has released a security advisory found at:
Affected Vendors
PEPPERL+FUCHS
Affected Products (11)
PEPPERL+FUCHS
·
CK71A-ATEX
vers:all/*
PEPPERL+FUCHS
·
Smart-Ex 201
vers:all/*
PEPPERL+FUCHS
·
Ex-Handy 09
vers:all/*
PEPPERL+FUCHS
·
CN70E-ATEX
vers:all/*
PEPPERL+FUCHS
·
CN70A-ATEX
vers:all/*
PEPPERL+FUCHS
·
CK70A-ATEX
vers:all/*
PEPPERL+FUCHS
·
i.roc Ci70-Ex
vers:all/*
PEPPERL+FUCHS
·
Tab-Ex 01
vers:all/*
PEPPERL+FUCHS
·
Smart-Ex 01
vers:all/*
PEPPERL+FUCHS
·
Pad-Ex 01
vers:all/*
PEPPERL+FUCHS
·
Ex-Handy 209
vers:all/*
Affected Sectors
Communications, Critical Manufacturing, Information Technology
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more