← Back to home

ICSA-18-137-02 · Published 2018-05-17 · View on CISA ICS-CERT ↗

PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx Series

CVSS 9.1 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow for remote code execution and information disclosure.

CVEs (4)

CVE-2018-10730 CVE-2018-10729 CVE-2018-10728 CVE-2018-10731

Remediations

FL SWITCH 3005
FL SWITCH 3005T
FL SWITCH 3004T-FX
FL SWITCH 3004T-FX ST
FL SWITCH 3008
FL SWITCH 3008T
FL SWITCH 3006T-2FX
FL SWITCH 3006T-2FX ST
FL SWITCH 3012E-2SFX
FL SWITCH 3016E
FL SWITCH 3016
FL SWITCH 3016T
FL SWITCH 3006T-2FX SM
FL SWITCH 4008T-2SFP
FL SWITCH 4008T-2GT-4FX SM
FL SWITCH 4008T-2GT-3FX SM
FL SWITCH 4808E-16FX LC-4GC
FL SWITCH 4808E-16FX SM-4GC
FL SWITCH 4808E-16FX SM ST-4GC
FL SWITCH 4808E-16FX ST-4GC
FL SWITCH 4808E-16FX-4GC
FL SWITCH 4808E-16FX SM LC-4GC
FL SWITCH 4012T 2GT 2FX
FL SWITCH 4012T-2GT-2FX ST
FL SWITCH 4824E-4GC
FL SWITCH 4800E-24FX-4GC
FL SWITCH 4800E-24FX SM-4GC
FL SWITCH 3012E-2FX SM
FL SWITCH 4000T-8POE-2SFP-R

Affected Vendors

PHOENIX CONTACT, Innominate Security Technologies

Affected Products (1)

PHOENIX CONTACT, Innominate Security Technologies · All FL SWITCH 3xxx 4xxx and 48xxx Series products running firmware >= 1.0 | <= 1.32

Affected Sectors

Communications, Critical Manufacturing, Information Technology

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more