Share: Email | Twitter




2024-04-10 08:00 (CEST)

Last update

2024-04-09 08:46 (CEST)


Pepperl+Fuchs SE


Article No┬░ Product Name Affected Version(s)
70118644 ICE2-8IOL1-G65L-V1D <= 1.6.50
70104877 ICE2-8IOL-G65L-V1D <= 1.6.50
70108831 ICE2-8IOL-K45P-RJ45 <= 1.6.50
70104879 ICE2-8IOL-K45S-RJ45 <= 1.6.50
70118645 ICE3-8IOL1-G65L-V1D <= 1.6.50
70104876 ICE3-8IOL-G65L-V1D <= 1.6.50
70133474 ICE3-8IOL-G65L-V1D-Y <= 1.6.50
70108832 ICE3-8IOL-K45P-RJ45 <= 1.6.50
70104878 ICE3-8IOL-K45S-RJ45 <= 1.6.50


Critical vulnerabilities have been discovered in the product due to outdated software components.
The impact of the vulnerabilities on the affected device may result in

  • Denial of service
  • Bypassing of authentication
  • Information disclosure


Last Update
Jan. 26, 2023, 9:57 a.m.
Uncontrolled Resource Consumption (CWE-400)

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

Last Update
Feb. 12, 2024, 10:27 a.m.
Uncontrolled Resource Consumption (CWE-400)

The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents" can be used when there are adequate subgroup constraints, and these short exponents can lead to less expensive calculations than for long exponents. This issue is different from CVE-2002-20001 because it is based on an observation about exponent size, rather than an observation about numbers that are not public keys. The specific situations in which calculation expense would constitute a server-side vulnerability depend on the protocol (e.g., TLS, SSH, or IKE) and the DHE implementation details. In general, there might be an availability concern because of server-side resource consumption from DHE modular-exponentiation calculations. Finally, it is possible for an attacker to exploit this vulnerability and CVE-2002-20001 together.

Last Update
June 27, 2023, 2:37 p.m.
Improper Input Validation (CWE-20)
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Last Update
June 27, 2023, 2:33 p.m.
Improper Input Validation (CWE-20)
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
Last Update
June 27, 2023, 2:35 p.m.
Improper Handling of Invalid Use of Special Elements (CWE-159)
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.
Last Update
April 8, 2024, 2 p.m.
Insufficient Entropy (CWE-331)

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Last Update
March 26, 2024, 1:36 p.m.
Inadequate Encryption Strength (CWE-326)

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Last Update
March 26, 2024, 1:37 p.m.
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.


Pepperl+Fuchs analyzed and identified affected devices.
An attacker

  • could cause the web server to crash via the network. The remaining function of the gateway is not affected by this.
  • could by-pass authentication by falsifying cookies.
  • could reset the TCP connection as man-in-the-middle.
  • could read HTTP headers as man-in-the-middle.



External protective measures are required:

  • Disable the webserver after configuration, if possible, by following these steps:
    • Enable SSH via the web server.
    • Login to the SSH server.
    • Disable the webserver via SSH portal.
    • Reboot the device.


  • Use HTTPS rather than HTTP while using the webserver.
  • Minimize network exposure for affected products and ensure that they are not accessible via the Internet.
  • Isolate affected products from the corporate network.
  • If remote access is required, use secure methods such as virtual private networks


Pepperl+Fuchs will provide an update to address some of these vulnerabilities in the future.

Reported by

CERT@VDE coordinated with Pepperl + Fuchs