VDE-2020-026

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2020-08-20 07:11 - Updated: 2025-05-22 13:03
Summary
PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L
Notes
Summary: A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart to correct.
Impact: Successful exploitation of this vulnerability could result in a denial-of-service condition.
Mitigation: Phoenix Contact recommends customers with affected products take the following steps to protect themselves: • Review and validate the list of users who are authorized and who can authenticate to Emalytics. • Allow only trained and trusted persons to have physical access to the system, including devices that have connection to the system though the Ethernet port. Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY 'Measures to protect network-capable devices with Ethernet connection against unauthorized access'
Remedation: This vulnerability will be fixed in the regular firmware release (v.1.4.0) which is expected to be available October 2020.
CVE-2020-14483
4.3 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-1088 - Synchronous Access of Remote Resource without Timeout
Mitigation Phoenix Contact recommends customers with affected products take the following steps to protect themselves: • Review and validate the list of users who are authorized and who can authenticate to Emalytics. • Allow only trained and trusted persons to have physical access to the system, including devices that have connection to the system though the Ethernet port. Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note: Art.-Nr. 107913: AH EN INDUSTRIAL SECURITY 'Measures to protect network-capable devices with Ethernet connection against unauthorized access' external link
Vendor Fix This vulnerability will be fixed in the regular firmware release (v.1.4.0) which is expected to be available October 2020.
References
Acknowledgments
CERT@VDE
CISA
Honeywell
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination"
      },
      {
        "organization": "CISA",
        "summary": "coordination"
      },
      {
        "organization": "Honeywell",
        "summary": "reported"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart to correct.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Successful exploitation of this vulnerability could result in a denial-of-service condition.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Phoenix Contact recommends customers with affected products take the following steps to protect themselves:\n\n\u2022 Review and validate the list of users who are authorized and who can authenticate to Emalytics.\n\n\u2022 Allow only trained and trusted persons to have physical access to the system, including devices that have connection to the system though the Ethernet port.\n\nPhoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\n\nArt.-Nr. 107913: AH EN INDUSTRIAL SECURITY \u0027Measures to protect network-capable devices with Ethernet connection against unauthorized access\u0027",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "This vulnerability will be fixed in the regular firmware release (v.1.4.0) which is expected to be available October 2020.",
        "title": "Remedation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Phoenix Contact",
        "url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2020-026: PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L - HTML",
        "url": "https://certvde.com/de/advisories/VDE-2020-026/"
      },
      {
        "category": "self",
        "summary": "VDE-2020-026: PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2020/vde-2020-026.json"
      }
    ],
    "title": "PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L",
    "tracking": {
      "aliases": [
        "VDE-2020-026"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2024-10-28T12:57:43.164Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.13"
        }
      },
      "id": "VDE-2020-026",
      "initial_release_date": "2020-08-20T07:11:00.000Z",
      "revision_history": [
        {
          "date": "2020-08-20T07:11:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2024-11-06T11:27:01.000Z",
          "number": "2",
          "summary": "Fix: correct certvde domain, added self-reference"
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "3",
          "summary": "Fix: version space, added distribution, quotation mark"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "ILC 2050 BI",
                "product": {
                  "name": "Hardware ILC 2050 BI",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "ILC 2050 BI-L",
                "product": {
                  "name": "Hardware ILC 2050 BI-L",
                  "product_id": "CSAFPID-11002"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.3.0",
                "product": {
                  "name": "Firmware \u003c=1.3.0",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "v.1.4.0",
                "product": {
                  "name": "Firmware v.1.4.0",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Emalytics Automation Workbench N4",
                "product": {
                  "name": "Software Emalytics Automation Workbench N4",
                  "product_id": "CSAFPID-51001"
                }
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "PHOENIX CONTACT"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.3.0 installed on Hardware ILC 2050 BI",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.3.0 installed on Hardware ILC 2050 BI-L",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "external_component_of",
        "full_product_name": {
          "name": "Firmware \u003c=1.3.0 external component of Software Emalytics Automation Workbench N4",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-51001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v.1.4.0 installed on Hardware ILC 2050 BI",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware v.1.4.0 installed on Hardware ILC 2050 BI-L",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "external_component_of",
        "full_product_name": {
          "name": "Firmware v.1.4.0 external component of Software Emalytics Automation Workbench N4",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-51001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-14483",
      "cwe": {
        "id": "CWE-1088",
        "name": "Synchronous Access of Remote Resource without Timeout"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110) and Niagara Enterprise Security (Versions 2.4.31, 2.4.45, 4.8.0.35) to correct.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Phoenix Contact recommends customers with affected products take the following steps to protect themselves:\n\n\u2022 Review and validate the list of users who are authorized and who can authenticate to Emalytics.\n\n\u2022 Allow only trained and trusted persons to have physical access to the system, including devices that have connection to the system though the Ethernet port.\n\nPhoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:\n\nArt.-Nr. 107913: AH EN INDUSTRIAL SECURITY \u0027Measures to protect network-capable devices with Ethernet connection against unauthorized access\u0027 external link",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "This vulnerability will be fixed in the regular firmware release (v.1.4.0) which is expected to be available October 2020.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 4.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 4.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003"
          ]
        }
      ],
      "title": "CVE-2020-14483"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.