Overview
- Description
- An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). Incorrect handling of a request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_pn_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B9B9ED4-6346-446F-99A8-7F0BF2FBFC9E",
"versionEndIncluding": "1.0.4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_pn:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A276562B-496A-4E1A-B089-550799A03EDA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eth_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9277B645-F15D-4281-A5BE-02F773A8431A",
"versionEndIncluding": "1.12"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eth:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3CA0113D-E784-4EEE-BD17-CE6655968C7B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eth_xc_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "794A0431-78CD-42A2-8C32-F533EFBFB60D",
"versionEndIncluding": "1.11"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eth_xc:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AE8C0A1A-C282-41D2-AE69-6009DBCC8158"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]