|Product number||Product name||Firmware version|
|2700996||FL SWITCH SMCS 16TX||<= 4.70|
|2700997||FL SWITCH SMCS 14TX/2FX||<= 4.70|
|2701466||FL SWITCH SMCS 14TX/2FX-SM||<= 4.70|
|2891123||FL SWITCH SMCS 8GT||<= 4.70|
|2891479||FL SWITCH SMCS 6GT/2SFP||<= 4.70|
|2989103||FL SWITCH SMCS 8TX-PN||<= 4.70|
|2989093||FL SWITCH SMCS 4TX-PN||<= 4.70|
|2989226||FL SWITCH SMCS 8TX||<= 4.70|
|2989323||FL SWITCH SMCS 6TX/2SFP||<= 4.70|
|2700290||FL SWITCH SMN 6TX/2POF-PN||<= 4.70|
|2989501||FL SWITCH SMN 8TX-PN||<= 4.70|
|2989543||FL SWITCH SMN 6TX/2FX||<= 4.70|
|2989556||FL SWITCH SMN 6TX/2FX SM||<= 4.70|
|2989365||FL NAT SMN 8TX||<= 4.63|
|2702443||FL NAT SMN 8TX-M||<= 4.63|
Multiple vulnerabilities have been discovered in the current firmware of the PHOENIX CONTACT FL SWITCH SMCS series switches.
Temporary Fix / Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:
Measures to protect network-capable devices with Ethernet connection
These vulnerabilities have been discovered and reported by Anne Borcherding, Fraunhofer- Institut für Optronik, Systemtechnik und Bildauswertung IOSB.
We kindly appreciate the coordinated disclosure of this vulnerability by the finder.
PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication.