Article No. | Product Name | Affected Version(s) |
---|---|---|
1153509 | E-Mobility Charging Suite | <= 1.7.0 |
1153513 | E-Mobility Charging Suite | <= 1.7.0 |
1086929 | E-Mobility Charging Suite | <= 1.7.0 |
1153516 | E-Mobility Charging Suite | <= 1.7.0 |
1086891 | E-Mobility Charging Suite | <= 1.7.0 |
1153508 | E-Mobility Charging Suite | <= 1.7.0 |
1153520 | E-Mobility Charging Suite | <= 1.7.0 |
1086921 | E-Mobility Charging Suite | <= 1.7.0 |
1086889 | E-Mobility Charging Suite | <= 1.7.0 |
1086920 | E-Mobility Charging Suite | <= 1.7.0 |
2702889 | FL Network Manager | <= 7.0 |
1083065 | IOL Conf | <= 1.7.0 |
1636198 | MTP DESIGNER | <= 1.2.0 BETA |
1636200 | MTP DESIGNER TRIAL | <= 1.2.0 BETA |
-- | PHOENIX CONTACT Activation Wizard | <= 1.6 |
1373907 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373909 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373233 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373910 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373226 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373236 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373231 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373224 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373913 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373912 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373238 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373914 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373915 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373916 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373917 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373918 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1373908 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550573 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550576 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550581 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550587 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550580 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550582 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1532628 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550574 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1550589 | PHOENIX CONTACT Activation Wizard in MORYX Software Platform | <= 1.6 |
1046008 | PLCnext Engineer | <= 2023.6 |
1165889 | PLCnext Engineer EDU LIC | <= 2023.6 |
A vulnerability in WIBU-SYSTEMS CodeMeter Runtime affects multiple Phoenix Contact products.
Phoenix Contact devices using CodeMeter Embedded are not affected by this vulnerability.
Update A, 2023-11-13
Removed CVE-2023-4701 because it was revoked.
A heap buffer overflow vulnerability in the Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access to the host system.
An attacker exploiting the vulnerability in WIBU CodeMeter Runtime in server mode could gain full access to the affected server over the network without any user interaction.
Exploiting the vulnerability in WIBU CodeMeter Runtime in non-networked workstation mode could lead to privilege elevation and full admin access on that workstation.
Mitigation
1. Use general security best practices to protect systems from local and network attacks, as described in the application note AH EN INDUSTRIAL SECURITY.
2. Run CodeMeter as a client only and bind CodeMeter communication to localhost. With the binding to localhost, an attack over a remote network connection is no longer possible. The network server is disabled by default. If it is not possible to disable the network server, it is strongly recommended to use a host-based firewall that restricts network access in order to reduce the risk.
3. The CmWAN server is disabled by default. Please check if CmWAN is enabled and disable the feature if it is not needed.
4. Run the CmWAN server only behind a reverse proxy with user authentication to prevent attacks from unauthenticated users. The risk of an unauthenticated attacker can be further reduced by using a host-based firewall that only allows the reverse proxy to access the CmWAN port.
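As an added check for mitigations 2 and 3 (example script, not part of this advisory), the function below audits `ss -ltn` output and flags any CodeMeter listener bound to a non-loopback address; the port numbers are assumed CodeMeter defaults (22350 CmLAN network server, 22351 CmWAN, 22352 WebAdmin), not values stated on this page, and the sample output is constructed.

```shell
#!/usr/bin/env bash
# Audit CodeMeter listeners for network exposure (mitigations 2 and 3).
# Ports are assumed CodeMeter defaults, not taken from the advisory:
# 22350 = CmLAN network server, 22351 = CmWAN, 22352 = WebAdmin.
CODEMETER_PORTS="22350 22351 22352"

# check_listeners: reads "ss -ltn"-style lines on stdin and prints one line
# per CodeMeter port bound to a non-loopback address. Returns 0 when every
# CodeMeter listener is confined to localhost, 1 when any is network-exposed.
check_listeners() {
  local exposed=0 line local_addr host port p
  while IFS= read -r line; do
    # Column 4 of ss output is "Local Address:Port"; the header row is skipped
    # because its first field is "State", not "LISTEN".
    set -- $line
    [ "$1" = "LISTEN" ] || continue
    local_addr=$4
    port=${local_addr##*:}   # text after the last colon
    host=${local_addr%:*}    # text before the last colon (handles [::1])
    for p in $CODEMETER_PORTS; do
      [ "$port" = "$p" ] || continue
      case "$host" in
        127.*|"[::1]"|localhost) ;;   # loopback only: acceptable
        *) echo "EXPOSED port $port bound to $host"; exposed=1 ;;
      esac
    done
  done
  return $exposed
}

# Constructed sample output (not captured from a real host): the network
# server and CmWAN are exposed on all interfaces, WebAdmin is loopback-only.
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22350        0.0.0.0:*
LISTEN  0       128     127.0.0.1:22352      0.0.0.0:*
LISTEN  0       128     [::]:22351           [::]:*
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*'

# Live audit on a host:   ss -ltn | check_listeners
# Offline demonstration on the constructed sample:
printf '%s\n' "$SAMPLE_SS" | check_listeners
```

A non-zero exit marks a host where mitigation 2 has not been applied; the printed lines name the exposed port and address so the firewall rule or binding change can be targeted.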
Remediation
PHOENIX CONTACT strongly recommends that affected users upgrade to CodeMeter V7.60c, which fixes these vulnerabilities. WIBU-SYSTEMS has already published this update for CodeMeter on their homepage. Since CodeMeter V7.60c has not yet been incorporated into Phoenix Contact products, we strongly recommend downloading and installing the current CodeMeter version directly from the WIBU-SYSTEMS homepage.
Install Phoenix Contact Activation Wizard version 1.7 or later once it is available.
Please check the Phoenix Contact e-Shop for your related Software product regularly.
CERT@VDE coordinated with PHOENIX CONTACT.