CVE-2021-21005
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Phoenix Contact | FL SWITCH | SMCS 16TX (2700996) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 14TX/2FX (2700997) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 14TX/2FX-SM (2701466) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 8GT (2891123) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 6GT/2SFP (2891479) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 8TX-PN (2989103) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 4TX-PN (2989093) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 8TX (2989226) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMCS 6TX/2SFP (2989323) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMN 6TX/2POF-PN (2700290) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMN 8TX-PN (2989501) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMN 6TX/2FX (2989543) <= 4.70 | affected |
| Phoenix Contact | FL SWITCH | SMN 6TX/2FX SM (2989556) <= 4.70 | affected |
| Phoenix Contact | FL NAT | SMN 8TX (2989365) <= 4.63 | affected |
| Phoenix Contact | FL NAT | SMN 8TX-M (2702443) <= 4.63 | affected |
Weaknesses
- CWE-362: CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)
Workarounds
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to the Phoenix Contact application note: Measures to protect network-capable devices with Ethernet connection https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.