CVE-2019-9201 Information

Description

Phoenix Contact ILC 131 ETH ILC 131 ETH/XC ILC 151 ETH ILC 151 ETH/XC ILC 171 ETH 2TX ILC 191 ETH 2TX ILC 191 ME/AN and AXC 1050 devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes as demonstrated by using the Create Backup feature to traverse all directories.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://medium.com/@SergiuSechel/misconfiguration-in-ilc-gsm-gprs-devices-leaves-over-1-200-ics-devices-vulnerable-to-attacks-over-82c2d4a91561

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8