CVE-2018-25112
HIGHPHOENIX CONTACT ILC 131, ILC 151, ILC 171, ILC 191 ETH - Unauthenticated Denial of Service via Network Traffic Flood
Title source: llmDescription
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.
References (1)
Core 1
Core References
Various Sources vendor-advisory
https://certvde.com/en/advisories/VDE-2018-012/
Scores
CVSS v3
7.5
EPSS
0.0039
EPSS Percentile
31.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-770
Status
published
Products (4)
PHOENIX CONTACT/ILC 131
vers:all/*
PHOENIX CONTACT/ILC 151
vers:all/*
PHOENIX CONTACT/ILC 171
vers:all/*
PHOENIX CONTACT/ILC 191 ETH
vers:all/*
Published
Jun 04, 2025
Tracked Since
Feb 18, 2026