CVE-2021-21005 : In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an att

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.

Published 2021-06-25 19:15:09

Updated 2021-07-01 23:56:53

Source CERT VDE

View at NVD, CVE.org

Products affected by CVE-2021-21005

Phoenixcontact » Fl Nat Smn 8tx-m Firmware
Versions up to, including, (<=) 4.63
cpe:2.3:o:phoenixcontact:fl_nat_smn_8tx-m_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Nat Smn 8tx-m » Version: N/A
Phoenixcontact » Fl Nat Smn 8tx Firmware
Versions up to, including, (<=) 4.63
cpe:2.3:o:phoenixcontact:fl_nat_smn_8tx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Nat Smn 8tx » Version: N/A
Phoenixcontact » Fl Switch Smcs 16tx Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_16tx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 16tx » Version: N/A
Phoenixcontact » Fl Switch Smcs 14tx/2fx Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_14tx\/2fx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 14tx/2fx » Version: N/A
Phoenixcontact » Fl Switch Smcs 14tx/2fx-sm Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_14tx\/2fx-sm_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 14tx/2fx-sm » Version: N/A
Phoenixcontact » Fl Switch Smcs 8gt Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_8gt_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 8gt » Version: N/A
Phoenixcontact » Fl Switch Smcs 6gt/2sfp Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_6gt\/2sfp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 6gt/2sfp » Version: N/A
Phoenixcontact » Fl Switch Smcs 8tx-pn Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_8tx-pn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 8tx-pn » Version: N/A
Phoenixcontact » Fl Switch Smcs 4tx-pn Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_4tx-pn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 4tx-pn » Version: N/A
Phoenixcontact » Fl Switch Smcs 8tx Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_8tx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 8tx » Version: N/A
Phoenixcontact » Fl Switch Smcs 6tx/2sfp Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smcs_6tx\/2sfp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smcs 6tx/2sfp » Version: N/A
Phoenixcontact » Fl Switch Smn 6tx/2pof-pn Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smn_6tx\/2pof-pn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smn 6tx/2pof-pn » Version: N/A
Phoenixcontact » Fl Switch Smn 8tx-pn Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smn_8tx-pn_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smn 8tx-pn » Version: N/A
Phoenixcontact » Fl Switch Smn 6tx/2fx Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smn_6tx\/2fx_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smn 6tx/2fx » Version: N/A
Phoenixcontact » Fl Switch Smn 6tx/2fx Sm Firmware
Versions up to, including, (<=) 4.70
cpe:2.3:o:phoenixcontact:fl_switch_smn_6tx\/2fx_sm_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Phoenixcontact » Fl Switch Smn 6tx/2fx Sm » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-21005

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 10 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-21005

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	CERT VDE
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-21005

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Assigned by: info@cert.vde.com (Primary)

References for CVE-2021-21005

https://cert.vde.com/en-us/advisories/vde-2021-023

PHOENIX CONTACT : Security Advisory for FL SWITCH SMCS series — English (USA)
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-21005

Products affected by CVE-2021-21005

Exploit prediction scoring system (EPSS) score for CVE-2021-21005

CVSS scores for CVE-2021-21005

CWE ids for CVE-2021-21005

References for CVE-2021-21005