CVE-2018-13994

Severity Score

7.5

*CVSS v3

Exploit Likelihood

< 1%

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.

La interfaz web de usuario de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones desde 1.0 hasta 1.34, es vulnerable a un ataque de denegación de servicio al realizar mas de 120 conexiones.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-07-11 CVE Reserved
2019-05-07 CVE Published
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/106737	Third Party Advisory
https://ics-cert.us-cert.gov/advisories...	Third Party Advisory

1 - 2 of 2

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions (29)

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3005 Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3005 Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3005 Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3005 Search vendor "Phoenixcontact" for product "Fl Switch 3005"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3005t Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3005t Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3005t Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3005t Search vendor "Phoenixcontact" for product "Fl Switch 3005t"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3004t-fx Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3004t-fx Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3004t-fx St Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx St Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx St Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3004t-fx St Search vendor "Phoenixcontact" for product "Fl Switch 3004t-fx St"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3008 Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3008 Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3008 Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3008 Search vendor "Phoenixcontact" for product "Fl Switch 3008"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3008t Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3008t Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3008t Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3008t Search vendor "Phoenixcontact" for product "Fl Switch 3008t"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3006t-2fx Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3006t-2fx Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3006t-2fx St Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx St Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx St Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3006t-2fx St Search vendor "Phoenixcontact" for product "Fl Switch 3006t-2fx St"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3012e-2sfx Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3012e-2sfx Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3012e-2sfx Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3012e-2sfx Search vendor "Phoenixcontact" for product "Fl Switch 3012e-2sfx"	-	-	Safe
Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3016e Firmware Search vendor "Phoenixcontact" for product "Fl Switch 3016e Firmware"	>= 1.0 <= 1.34 Search vendor "Phoenixcontact" for product "Fl Switch 3016e Firmware" and version " >= 1.0 <= 1.34"	-	Affected	in	Phoenixcontact Search vendor "Phoenixcontact"	Fl Switch 3016e Search vendor "Phoenixcontact" for product "Fl Switch 3016e"	-	-	Safe

1 - 10 of 29