Vulnerability Details CVE-2019-10997
An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be restarted manually via a Linux shell.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.8%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 7.1
References
Products affected by CVE-2019-10997
-
cpe:2.3:h:phoenixcontact:axc_f_2152:-
-
cpe:2.3:h:phoenixcontact:axc_f_2152_starterkit:-
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.01
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.02
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.1.0
-
cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:1.20
-
cpe:2.3:o:phoenixcontact:axc_f_2152_starterkit_firmware:*