V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2018-10728
CVE
High

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a diffe…

CVSS
8.1
High
EPSS
0.02
p80
Published
2018-01-01
Updated
2018-01-01
Description

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows (a different vulnerability than CVE-2018-10731).

Tags · CWE
RCEPre-auth
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
Fl_switch_3004t-fx_firmwareFl_switch_3004t-fx_st_firmwareFl_switch_3005_firmwareFl_switch_3005t_firmwareFl_switch_3006t-2fx_firmwareFl_switch_3006t-2fx_sm_firmwareFl_switch_3006t-2fx_st_firmwareFl_switch_3008_firmwareFl_switch_3008t_firmwareFl_switch_3012e-2fx_sm_firmwareFl_switch_3012e-2sfx_firmwareFl_switch_3016_firmwareFl_switch_3016e_firmwareFl_switch_3016t_firmwareFl_switch_4000t-8poe-2sfp-r_firmwareFl_switch_4008t-2gt-3fx_sm_firmwareFl_switch_4008t-2gt-4fx_sm_firmwareFl_switch_4008t-2sfp_firmwareFl_switch_4012t-2gt-2fx_st_firmwareFl_switch_4012t_2gt_2fx_firmware
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2018-01-01
Published
2018-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: H
High (H)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.023 · p80
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Phoenixcontact
Fl Switch 3004t-fxFl Switch 3004t-fx FirmwareFl Switch 3004t-fx StFl Switch 3004t-fx St FirmwareFl Switch 3005Fl Switch 3005 FirmwareFl Switch 3005tFl Switch 3005t FirmwareFl Switch 3006t-2fxFl Switch 3006t-2fx Firmware+48
ProductVendorStatus
fl_switch_3004t-fx_firmware*Tracked
fl_switch_3004t-fx_st_firmware*Tracked
fl_switch_3005_firmware*Tracked
fl_switch_3005t_firmware*Tracked
fl_switch_3006t-2fx_firmware*Tracked
fl_switch_3006t-2fx_sm_firmware*Tracked
fl_switch_3006t-2fx_st_firmware*Tracked
fl_switch_3008_firmware*Tracked
fl_switch_3008t_firmware*Tracked
fl_switch_3012e-2fx_sm_firmware*Tracked
fl_switch_3012e-2sfx_firmware*Tracked
fl_switch_3016_firmware*Tracked
fl_switch_3016e_firmware*Tracked
fl_switch_3016t_firmware*Tracked
fl_switch_4000t-8poe-2sfp-r_firmware*Tracked
fl_switch_4008t-2gt-3fx_sm_firmware*Tracked
fl_switch_4008t-2gt-4fx_sm_firmware*Tracked
fl_switch_4008t-2sfp_firmware*Tracked
fl_switch_4012t-2gt-2fx_st_firmware*Tracked
fl_switch_4012t_2gt_2fx_firmware*Tracked
Showing first 20 of 29
Source databases
CVE
Related vulnerabilities
BDU:2018-01070