Phoenix¹¤Òµ½»Á÷»úÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-02-19

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-13990£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.6£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13991£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13992£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.2£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13993£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-13994£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì¹æÄ£


ÊÜÓ°Ïì°æ±¾£º 

PHOENIX CONTACT FL SWITCH 4xxx

PHOENIX CONTACT FL SWITCH 48xx

PHOENIX CONTACT FL SWITCH 3xxx


Îó²î¸ÅÊö


Phoenix Contact FL SWITCHÊǵ¹ú·ÆÄá¿Ë˹µçÆø£¨Phoenix Contact£©¼¯ÍŵÄÒ»¿î¹¤Òµ¼¶ÒÔÌ«Íø½»Á÷»ú¡£


Phoenix Contact FL SWITCH 3xxx¡¢4xxxºÍ48xxϵÁй¤Òµ¿ØÖƽ»Á÷»ú±»Åû¶¶à¸öCVEÇå¾²Îó²î¡£ÀÖ³ÉʹÓÃÕâЩÎó²î¿ÉÄܵ¼Ö¹¤Òµ¿ØÖÆϵͳ(ICS)×ÌÈÅ£¬ÉõÖÁÍêÈ«ÖÐÖ¹¡£Contact FL ϵÁÐÔÚʯÓÍ¡¢ÄÜÔ´ÉèÊ©ºÍº£ÊÂϵͳÖÐÓ¦ÓÃÆձ飬ÕâÖÖϵͳÖпØÖÆÆ÷Ò»µ©¹ÊÕÏ»áÒý·¢´óƶÀ§¡£Îó²î¸ÅÊöÈçÏ£º


CVE-2018-13990

¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓеǼ³¬Ê±¹¦Ð§¡£¹¥»÷Õß¿Éͨ¹ýʵÑ鱩Á¦Æƽ⹥»÷ʹÓøÃÎó²î»ñÈ¡Óû§ÃûºÍÃÜÂ룬½ø¶ø»ñÈ¡»á¼ûȨÏÞ¡£


CVE-2018-13991

¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐÇå¾²´æ´¢Ãô¸ÐÐÅÏ¢¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñÈ¡½»Á÷»úµÄĬÈÏ˽Կ¡£


CVE-2018-13992

¸ÃÎó²îÔ´ÓÚWeb UI (HTTP)µÄĬÈÏÉèÖ㬳ÌÐò»áδ¼ÓÃÜ´«ÊäÓû§Æ¾Ö¤¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñÈ¡Ãô¸ÐÐÅÏ¢¡£


CVE-2018-13993

¸ÃÎó²îΪ¿çÕ¾ÇëÇóαÔìÎó²î¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÔì³ÉWebä¯ÀÀÆ÷ת´ï·ÇÔ¤ÆÚµÄÏÂÁî¡£


CVE-2018-13994

¹¥»÷Õß¿Éͨ¹ý¾ÙÐдó×ÚµÄWeb UIÅþÁ¬£¬Ê¹ÓøÃÎó²îÔì³É¾Ü¾ø·þÎñ¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ¹Ù·½ÒѾ­Ðû²¼Ð°汾1.35ÐÞ¸´ÁËÕâЩÎó²î£¬Çëµ½³§É̵ÄÖ÷Ò³ÏÂÔØ£ºhttps://www.phoenixcontact.com¡£


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02