Firmware Fixes Phoenix Contact X-SS Hole

Thursday, December 7, 2017 @ 03:12 PM gHale


Phoenix Contact released new firmware to fix a cross-site scripting vulnerability in its FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH products, according to a report with ICS-CERT.

Successful exploitation of this remotely exploitable vulnerability, discovered by Maxim Rupp, may allow a remote attacker to change configuration variables on the device.

RELATED STORIES
Rockwell Fixes FactoryTalk Hole
Hole Found in WAGO PLC
Siemens Mitigates Hole in Industrial Products
Siemens Updates Mitigation for KRACK Holes

The following models running firmware versions prior to 1.99, 2.20, or 2.40 of FL COMSERVER, FL COM SERVER, and PSI-MODEM/ETH, industrial networking equipment, suffer from the issue:
• FL COMSERVER BASIC 232/422/485
• FL COMSERVER UNI 232/422/485
• FL COMSERVER BAS 232/422/485-T
• FL COMSERVER UNI 232/422/485-T
• FL COM SERVER RS232
• FL COM SERVER RS485
• PSI-MODEM/ETH

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

The cross-site scripting vulnerability has been identified, which may allow remote code execution.

CVE-2017-16723 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.2.

The products see use in the communications, critical manufacturing and information technology sectors. They also see action on a global basis.

Germany-based Phoenix Contact released new firmware versions for the affected devices. Click here for the latest download links.



Leave a Reply

You must be logged in to post a comment.