CVE-2021-21003
- EPSS 0.31%
- Published 25.06.2021 19:15:08
- Last modified 21.11.2024 05:47:23
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services. The switching functionality of the device is not affected.
CVE-2021-21004
- EPSS 0.24%
- Published 25.06.2021 19:15:08
- Last modified 21.11.2024 05:47:23
In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.
CVE-2021-21005
- EPSS 0.04%
- Published 25.06.2021 19:15:08
- Last modified 21.11.2024 05:47:23
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.
CVE-2019-9744
- EPSS 0.44%
- Published 26.03.2019 20:29:00
- Last modified 21.11.2024 04:52:13
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and FL NAT SMN 8TX-M-DMG devices. There is unauthorized access to the WEB-UI by attackers arriving from the same source IP address as an authenticated user,...