ICSA-22-172-03  ·  Published 2022-06-21  ·  View on CISA ICS-CERT ↗

Phoenix Contact Classic Line Controllers

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to upload logic with arbitrary code.

CVEs (1)

Remediations

  • Phoenix Contact classic line industrial controllers are developed and designed for use in closed industrial networks, following a defense-in-depth approach that focuses on network segmentation and communication robustness. In such an approach, users are protected against attacks (especially from the outside) by a multi-level perimeter that includes firewalls and divides the plant into OT zones using firewalls. This concept is supported by organizational measures in the production plant as part of a security management system. Achieving security in this setting requires measures at all levels. Ensure that the logic is always transferred or stored in protected environments. This applies to data in transit as well as data at rest.
  • Connections between the engineering tools and the controller must always be in a locally protected environment or protected by VPN for remote access.
  • Project data should not be sent as a file via email or other transfer mechanisms without additional integrity and authenticity checks.
  • Project data should be saved in protected environments only.
  • Customers using Phoenix Contact classic line controllers are advised to operate the devices as intended: in closed networks or protected by a suitable firewall.
  • Measures to protect devices based on classic control technology

Affected Vendors

Phoenix Contact

Affected Products (17)

Phoenix Contact · AXC 1050 2700988
Phoenix Contact · AXC 1050 XC 2701295
Phoenix Contact · AXC 3050 2700989
Phoenix Contact · FC 350 PCI ETH 2730844
Phoenix Contact · ILC 1x0 vers:all/*
Phoenix Contact · ILC 1x1 vers:all/*
Phoenix Contact · ILC 1x1 GSM/GPRS 2700977
Phoenix Contact · ILC 3xx vers:all/*
Phoenix Contact · PC WORX RT BASIC 2700291
Phoenix Contact · PC WORX SRT 2701680
Phoenix Contact · RFC 430 ETH-IB 2730190
Phoenix Contact · RFC 450 ETH-IB 2730200
Phoenix Contact · RFC 460R PN 3TX 2700784
Phoenix Contact · RFC 460R PN 3TX-S 1096407
Phoenix Contact · RFC 470 PN 3TX 2916600
Phoenix Contact · RFC 470S PN 3TX 2916794
Phoenix Contact · RFC 480S PN 4TX 2404577

Affected Sectors

Multiple Sectors
