Phoenix¹¤Òµ»¥»»»ú·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-02-19

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-13990£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.6£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13991£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13992£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.2£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13993£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13994£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬¹Ù·½Î´ÆÀ¶¨


Ó°ÏìÁìÓò


ÊÜÓ°Ïì°æ±¾£º 

PHOENIX CONTACT FL SWITCH 4xxx

PHOENIX CONTACT FL SWITCH 48xx

PHOENIX CONTACT FL SWITCH 3xxx


·ì϶¸ÅÊö


Phoenix Contact FL SWITCHÊǵ¹ú·ÆÄá¿Ë˹µçÆø£¨Phoenix Contact£©¼¯ÍŵÄÒ»¿î¹¤Òµ¼¶ÒÔÌ«Íø»¥»»»ú¡£


Phoenix Contact FL SWITCH 3xxx¡¢4xxxºÍ48xxϵÁй¤Òµ½ÚÔ컥»»»ú±»Åû¶¶à¸öCVE°²È«·ì϶¡£³É¹¦ÀûÓÃÕâЩ·ì϶¿ÉÄܵ¼Ö¹¤Òµ½ÚÔìϵͳ(ICS)×ÌÈÅ£¬ÉõÖÁÆëÈ«ÖжÏ¡£Contact FL ϵÁÐÔÚʯÓÍ¡¢ÄÜÔ´ÉèÊ©ºÍº£ÊÂϵͳÖÐÀûÓÃ¿í·º£¬ÕâÖÖϵͳÖнÚÔìÆ÷Ò»µ©¹ÊÕÏ»áÒý·¢´óÂé·³¡£·ì϶¸ÅÊöÈçÏ£º


CVE-2018-13990

¸Ã·ì϶ԴÓÚ·¨Ê½Ã»ÓеǼ³¬Ê±Ö°ÄÜ¡£¹¥»÷Õß¿Éͨ¹ýÖ´Ðб©Á¦Æƽ⹥»÷ÀûÓø÷ì϶»ñÈ¡Óû§ÃûºÍÃÜÂ룬½ø¶ø»ñÈ¡½Ó¼ûȨÏÞ¡£


CVE-2018-13991

¸Ã·ì϶ԴÓÚ·¨Ê½Ã»Óа²È«´æ´¢Ãô¸ÐÐÅÏ¢¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñÈ¡»¥»»»úµÄĬÈÏ˽Կ¡£


CVE-2018-13992

¸Ã·ì϶ԴÓÚWeb UI (HTTP)µÄĬÈÏÉèÖ㬷¨Ê½»áδ¼ÓÃÜ´«ÊäÓû§Æ¾Ö¤¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñÈ¡Ãô¸ÐÐÅÏ¢¡£


CVE-2018-13993

¸Ã·ì϶Ϊ¿çÕ¾ÒªÇóαÔì·ì϶¡£Ô¶³Ì¹¥»÷Õß¿ÉÀûÓø÷ì϶Ôì³ÉWebä¯ÀÀÆ÷´«µÝ·ÇÔ¤ÆڵĺÅÁî¡£


CVE-2018-13994

¹¥»÷Õß¿Éͨ¹ý½øÐдóÁ¿µÄWeb UIÏνÓ£¬ÀûÓø÷ì϶Ôì³É»Ø¾ø·þÎñ¡£


½¨¸´½¨Òé


Ä¿Ç°¹Ù·½ÒѾ­°ä²¼Ð°汾1.35½¨¸´ÁËÕâЩ·ì϶£¬Çëµ½³§É̵ÄÖ÷Ò³ÏÂÔØ£ºhttps://www.phoenixcontact.com¡£


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02