{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "Hochschule Augsburg",
        "names": [
          "Matthias Niedermaier",
          "Florian Fischer"
        ],
        "summary": "reporting"
      },
      {
        "organization": "Freie Universität Berlin",
        "names": [
          "Jan-Ole Malchow"
        ],
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Processing of the IEC 61131 program can be slowed down or stopped completely by creating a large amount of network traffic that needs to be handled by the ILC.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The processing of the network load takes up so much CPU power that the operation of all functions of the device, including the 61131 program, will slow down. This may affect the automation task. Once the network load is removed, the ILC will return to its normal state.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Customers using Phoenix Contact ILC 1x1 are advised to operate the devices in closed networks or to protect them with a suitable firewall.\n\nFor detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\nhttps://www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info/ah_en_industrial_security_107913_en_01.pdf",
        "title": "Mitigation"
      }
    ],
    "publisher": {
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH & Co. KG",
      "namespace": "https://phoenixcontact.com/psirt",
      "category": "vendor"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2018-012: PHOENIX CONTACT: ILC 1x1 ETH Denial of Service - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2018-012/"
      },
      {
        "category": "self",
        "summary": "VDE-2018-012: PHOENIX CONTACT: ILC 1x1 ETH Denial of Service - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2018/vde-2018-012.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://phoenixcontact.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Phoenix Contact GmbH & Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
      }
    ],
    "title": "PHOENIX CONTACT: ILC 1x1 ETH Denial of Service",
    "tracking": {
      "aliases": [
        "VDE-2018-012"
      ],
      "current_release_date": "2018-08-13T11:55:00.000Z",
      "generator": {
        "date": "2025-06-16T09:03:39.749Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.27"
        }
      },
      "id": "VDE-2018-012",
      "initial_release_date": "2018-08-13T11:55:00.000Z",
      "revision_history": [
        {
          "date": "2018-08-13T11:55:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "name": "Vendor",
        "category": "vendor",
        "branches": [
          {
            "name": "Hardware",
            "category": "product_family",
            "branches": [
              {
                "name": "ILC 131",
                "category": "product_name",
                "product": {
                  "name": "ILC 131",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "name": "ILC 151",
                "category": "product_name",
                "product": {
                  "name": "ILC 151",
                  "product_id": "CSAFPID-11002"
                }
              },
              {
                "name": "ILC 171",
                "category": "product_name",
                "product": {
                  "name": "ILC 171",
                  "product_id": "CSAFPID-11003"
                }
              },
              {
                "name": "ILC 191 ETH",
                "category": "product_name",
                "product": {
                  "name": "ILC 191 ETH",
                  "product_id": "CSAFPID-11004"
                }
              }
            ]
          },
          {
            "name": "Firmware",
            "category": "product_family",
            "branches": [
              {
                "name": "vers:all/*",
                "category": "product_version_range",
                "product": {
                  "name": "Firmware vers:all/*",
                  "product_id": "CSAFPID-21001"
                }
              }
            ]
          }
        ]
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ],
        "summary": "Affected products."
      }
    ],
    "relationships": [
      {
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware vers:all/* installed on ILC 131",
          "product_id": "CSAFPID-31001"
        }
      },
      {
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware vers:all/* installed on ILC 151",
          "product_id": "CSAFPID-31002"
        }
      },
      {
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware vers:all/* installed on ILC 171",
          "product_id": "CSAFPID-31003"
        }
      },
      {
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware vers:all/* installed on ILC 191 ETH",
          "product_id": "CSAFPID-31004"
        }
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-25112",
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "An unauthenticated remote attacker may exploit uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Customers using Phoenix Contact ILC 1x1 are advised to operate the devices in closed networks or to protect them with a suitable firewall.\n\nFor detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\nhttps://www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info/ah_en_industrial_security_107913_en_01.pdf",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2018-25112",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      }
    }
  ]
}