ICSA-19-085-02
·
Published 2019-03-26
·
View on CISA ICS-CERT ↗
PHOENIX CONTACT RAD-80211-XD
CVSS 9.9
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to execute system level commands with administrative privileges.
CVEs (1)
Remediations
- Users using Phoenix Contact 80211-XD radio modules are recommended to operate the devices in closed networks or protected with a suitable firewall.
- The affected products have been removed from active maintenance due to obsolescence. For this reason, it is recommended that concerned users upgrade to the active FL WLAN product line.
- For detailed information on recommendations for measures to protect network-capable devices, please refer to the application note: https://www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info/ah_en_industrial_security_107913_en_01.pdf
- Please see VDE-2019-007
Affected Vendors
Phoenix Contact
Affected Products (2)
Phoenix Contact
·
RAD-80211-XD
2885728
Phoenix Contact
·
RAD-80211-XD/HP-BUS
2900047
Affected Sectors
Communications, Critical Manufacturing, Information Technology
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more