ICSA-19-155-01 · Published 2019-06-04 · Source: CISA ICS-CERT

PHOENIX CONTACT PLCNext AXC F 2152

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to decrypt passwords, bypass authentication, and deny service to the device. In addition, these vulnerabilities could interact with third-party vulnerabilities to cause other impacts to integrity, confidentiality, and availability.

Remediations

  • Phoenix Contact recommends affected users update to firmware release 2019.0 LTS or later, update to PLCNext Engineer release 2019.0 LTS or later, and apply the following specific mitigations:
      • Disable the Basic128Rsa15 security policy in the OPC Servers configuration. Use only Basic256 or higher.
      • Follow the advice concerning SD card usage in the manual “Art.-Nr. 107708: UM EN AXC F 2152 Installing, starting up, and operating the AXC F 2152 controller” (um_en_axc_f_2152_107708_en_02.pdf), which can be found on the product page below:
      • Use the notification manager to monitor SD card exchanges by the application program.
      • Subscribe to PSIRT news, as updates on the SD card vulnerability will be provided in the future.
  • Phoenix Contact also recommends that users operate the devices in closed networks or in environments protected by a suitable firewall. For detailed information on measures to protect network-capable devices, please refer to the Phoenix Contact application note “Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY - Measures to protect network-capable devices with Ethernet connection against unauthorized access,” which can be found at the following link:
  • For more information, CERT@VDE has released a security advisory available at the following link:
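The OPC UA mitigation above can be verified from the client side: an OPC UA GetEndpoints call returns every endpoint the controller advertises together with its security policy URI. The following is an added example (not code from the advisory, CISA or Phoenix Contact) that audits such a list against the advisory's rule, flagging any endpoint that still offers Basic128Rsa15 or no security at all. The endpoint records and the `plc.example.invalid` URL are constructed sample data; the policy URIs are the standard OPC UA ones. In practice you would feed in the endpoint descriptions returned by your OPC UA client library.

```python
"""Audit the security policies an OPC UA server advertises.

Added example, not part of the ICSA-19-155-01 advisory. The records below
are constructed sample data shaped like OPC UA EndpointDescriptions
(endpoint URL plus security policy URI).
"""
from dataclasses import dataclass

# Every OPC UA security policy URI shares this prefix; the fragment names the policy.
POLICY_PREFIX = "http://opcfoundation.org/UA/SecurityPolicy#"

# The advisory's rule: Basic128Rsa15 must be disabled; only Basic256 or higher is acceptable.
WEAK_POLICIES = {"None", "Basic128Rsa15"}
ACCEPTABLE_POLICIES = {
    "Basic256",
    "Basic256Sha256",
    "Aes128_Sha256_RsaOaep",
    "Aes256_Sha256_RsaPss",
}


@dataclass(frozen=True)
class Endpoint:
    url: str
    security_policy_uri: str


def policy_name(uri: str) -> str:
    """Extract the policy name from a security policy URI; reject anything else."""
    if not uri.startswith(POLICY_PREFIX):
        raise ValueError(f"not an OPC UA security policy URI: {uri}")
    return uri[len(POLICY_PREFIX):]


def audit_endpoints(endpoints):
    """Return (endpoint_url, policy, reason) for every endpoint that fails the
    advisory's rule. An empty list means the server is compliant."""
    findings = []
    for ep in endpoints:
        name = policy_name(ep.security_policy_uri)
        if name in WEAK_POLICIES:
            findings.append((ep.url, name, "weaker than Basic256; disable this policy"))
        elif name not in ACCEPTABLE_POLICIES:
            # A URI we do not recognise is reported rather than silently accepted.
            findings.append((ep.url, name, "unknown policy; review manually"))
    return findings


def is_compliant(endpoints) -> bool:
    return not audit_endpoints(endpoints)


# Constructed sample: a controller that still exposes the deprecated policy.
SAMPLE_ENDPOINTS = [
    Endpoint("opc.tcp://plc.example.invalid:4840", POLICY_PREFIX + "None"),
    Endpoint("opc.tcp://plc.example.invalid:4840", POLICY_PREFIX + "Basic128Rsa15"),
    Endpoint("opc.tcp://plc.example.invalid:4840", POLICY_PREFIX + "Basic256"),
    Endpoint("opc.tcp://plc.example.invalid:4840", POLICY_PREFIX + "Basic256Sha256"),
]

if __name__ == "__main__":
    for url, policy, reason in audit_endpoints(SAMPLE_ENDPOINTS):
        print(f"{url}: {policy}: {reason}")
    print("compliant" if is_compliant(SAMPLE_ENDPOINTS) else "NOT compliant")
```

Run it again after applying the mitigation and confirm the findings list is empty; an unknown policy URI is reported rather than accepted so that a vendor-specific or future policy does not slip through unreviewed.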

Affected Vendors

Phoenix Contact

Affected Products (2)

Phoenix Contact · AXC F 2152 2404267 version 1.x
Phoenix Contact · AXC F 2152 1046568 (Starterkit) version 1.x

Affected Sectors

Commercial Facilities
