// For flags

CVE-2019-9201

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple Phoenix Contact devices allow remote attackers to establish TCP sessions to port 1962 and obtain sensitive information or make changes, as demonstrated by using the Create Backup feature to traverse all directories.

Múltiples dispositivos Phoenix Contact permiten a los atacantes remotos establecer sesiones TCP al puerto 1962 y obtener información sensible o realizar cambios, como se ha demostrado al utilizar la función Crear copia de seguridad para recorrer todos los directorios

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-02-26 CVE Reserved
  • 2019-02-26 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-16 First Exploit
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-306: Missing Authentication for Critical Function
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 131 Eth Firmware
Search vendor "Phoenixcontact" for product "Ilc 131 Eth Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 131 Eth
Search vendor "Phoenixcontact" for product "Ilc 131 Eth"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 131 Eth\/xc Firmware
Search vendor "Phoenixcontact" for product "Ilc 131 Eth\/xc Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 131 Eth\/xc
Search vendor "Phoenixcontact" for product "Ilc 131 Eth\/xc"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 151 Eth Firmware
Search vendor "Phoenixcontact" for product "Ilc 151 Eth Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 151 Eth
Search vendor "Phoenixcontact" for product "Ilc 151 Eth"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 151 Eth\/xc Firmware
Search vendor "Phoenixcontact" for product "Ilc 151 Eth\/xc Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 151 Eth\/xc
Search vendor "Phoenixcontact" for product "Ilc 151 Eth\/xc"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 171 Eth 2tx Firmware
Search vendor "Phoenixcontact" for product "Ilc 171 Eth 2tx Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 171 Eth 2tx
Search vendor "Phoenixcontact" for product "Ilc 171 Eth 2tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 191 Eth 2tx Firmware
Search vendor "Phoenixcontact" for product "Ilc 191 Eth 2tx Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 191 Eth 2tx
Search vendor "Phoenixcontact" for product "Ilc 191 Eth 2tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 191 Me\/an Firmware
Search vendor "Phoenixcontact" for product "Ilc 191 Me\/an Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Ilc 191 Me\/an
Search vendor "Phoenixcontact" for product "Ilc 191 Me\/an"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
 Axc 1050 Firmware
Search vendor "Phoenixcontact" for product "Axc 1050 Firmware"
--
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
 Axc 1050
Search vendor "Phoenixcontact" for product "Axc 1050"
--
Safe