Lucene search

[email protected]NVD:CVE-2020-9435

HistoryMar 12, 2020 - 2:15 p.m.

CVE-2020-9435

2020-03-1214:15:21

CWE-798

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

45.3%

JSON

PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. Impersonation, man-in-the-middle, or passive decryption attacks are possible if the generic certificate is not replaced by a device-specific certificate during installation.

Affected configurations

Nvd

Node

phoenixcontacttc_router_3002t-4gMatch-

AND

phoenixcontacttc_router_3002t-4g_firmwareRange≤2.05.3

Node

phoenixcontacttc_router_2002t-3gMatch-

AND

phoenixcontacttc_router_2002t-3g_firmwareRange≤2.05.3

Node

phoenixcontacttc_router_3002t-4g_vzwMatch-

AND

phoenixcontacttc_router_3002t-4g_vzw_firmwareRange≤2.05.3

Node

phoenixcontacttc_router_3002t-4g_attMatch-

AND

phoenixcontacttc_router_3002t-4g_att_firmwareRange≤2.05.3

Node

phoenixcontacttc_cloud_client_1002-4gMatch-

AND

phoenixcontacttc_cloud_client_1002-4g_firmwareRange≤2.03.17

Node

phoenixcontacttc_cloud_client_1002-txtxMatch-

AND

phoenixcontacttc_cloud_client_1002-txtx_firmwareRange≤1.03.17

VendorProductVersionCPE
phoenixcontacttc_router_3002t-4g-cpe:2.3:h:phoenixcontact:tc_router_3002t-4g:-:*:*:*:*:*:*:*
phoenixcontacttc_router_3002t-4g_firmware*cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_firmware:*:*:*:*:*:*:*:*
phoenixcontacttc_router_2002t-3g-cpe:2.3:h:phoenixcontact:tc_router_2002t-3g:-:*:*:*:*:*:*:*
phoenixcontacttc_router_2002t-3g_firmware*cpe:2.3:o:phoenixcontact:tc_router_2002t-3g_firmware:*:*:*:*:*:*:*:*
phoenixcontacttc_router_3002t-4g_vzw-cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_vzw:-:*:*:*:*:*:*:*
phoenixcontacttc_router_3002t-4g_vzw_firmware*cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_vzw_firmware:*:*:*:*:*:*:*:*
phoenixcontacttc_router_3002t-4g_att-cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_att:-:*:*:*:*:*:*:*
phoenixcontacttc_router_3002t-4g_att_firmware*cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_att_firmware:*:*:*:*:*:*:*:*
phoenixcontacttc_cloud_client_1002-4g-cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g:-:*:*:*:*:*:*:*
phoenixcontacttc_cloud_client_1002-4g_firmware*cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phoenixcontact	tc_router_3002t-4g	-	cpe:2.3:h:phoenixcontact:tc_router_3002t-4g:-:::::::*
phoenixcontact	tc_router_3002t-4g_firmware	*	cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_firmware::::::::
phoenixcontact	tc_router_2002t-3g	-	cpe:2.3:h:phoenixcontact:tc_router_2002t-3g:-:::::::*
phoenixcontact	tc_router_2002t-3g_firmware	*	cpe:2.3:o:phoenixcontact:tc_router_2002t-3g_firmware::::::::
phoenixcontact	tc_router_3002t-4g_vzw	-	cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_vzw:-:::::::*
phoenixcontact	tc_router_3002t-4g_vzw_firmware	*	cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_vzw_firmware::::::::
phoenixcontact	tc_router_3002t-4g_att	-	cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_att:-:::::::*
phoenixcontact	tc_router_3002t-4g_att_firmware	*	cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_att_firmware::::::::
phoenixcontact	tc_cloud_client_1002-4g	-	cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g:-:::::::*
phoenixcontact	tc_cloud_client_1002-4g_firmware	*	cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_firmware::::::::

Rows per page:

1-10 of 121

References

packetstormsecurity.com/files/156729/Phoenix-Contact-TC-Router-TC-Cloud-Client-Command-Injection.html

seclists.org/fulldisclosure/2020/Mar/15

cert.vde.com/en-us/advisories/

cert.vde.com/en-us/advisories/vde-2020-003

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

45.3%

JSON

Related for NVD:CVE-2020-9435

prion1 cvelist1 cve1 zdt1 packetstorm1