PHOENIX CONTACT ILC 1x1 ETH Denial of Service

VDE-2018-012 (2018-08-13 14:55 UTC+0200)

CVE Identifier


Affected Vendors


Affected Products

PHOENIX CONTACT ILC 131, 151, 171, 191 ETH with all firmware versions


The processing program of the IEC 61131 program can be slowed down or stopped completely by creating a large amount of network traffic that needs to be handled by the ILC.


The processing of the network load takes up so much CPU power that the operation of all functions of the device, including the 61131 program, will slow down. This may affect the automation task. Once the network load is removed the ILC will return to normal state.


Customers using Phoenix Contact ILC 1x1 are recommended to operate the devices in closed networks or protected with a suitable firewall.
For detailed information on our recommendations for measures to protect network-cabable devices, please refer to our application note:

Reported by

This vulnerability was reported by Matthias Niedermaier (Hochschule Augsburg), Jan-Ole Malchow (Freie Universität Berlin) and Florian Fischer (Hochschule Augsburg)