CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

phoenixcontact

fl_switch_smcs_8tx-pn_firmware

3 known vulnerabilities · sorted by CVSS score

CVE-2021-21005

HIGH7.5

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.

phoenixcontact / fl_switch_smcs_16tx_firmware+14

Network

Published Jun 25, 2021

CVE-2021-21004

HIGH7.4

In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.

phoenixcontact / fl_switch_smcs_16tx_firmware+14

Adjacent

Published Jun 25, 2021

CVE-2021-21003

MEDIUM5.3

In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services. The switching functionality of the device is not affected.

phoenixcontact / fl_switch_smcs_16tx_firmware+14

Network

Published Jun 25, 2021