Description
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services. The switching functionality of the device is not affected.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://cert.vde.com/en-us/advisories/vde-2021-023
Scores
CVSS v3
5.3
EPSS
0.0095
EPSS Percentile
56.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-404
Status
published
Products (15)
phoenixcontact/fl_nat_smn_8tx-m_firmware
< 4.63
phoenixcontact/fl_nat_smn_8tx_firmware
< 4.63
phoenixcontact/fl_switch_smcs_14tx\/2fx-sm_firmware
< 4.70
phoenixcontact/fl_switch_smcs_14tx\/2fx_firmware
< 4.70
phoenixcontact/fl_switch_smcs_16tx_firmware
< 4.70
phoenixcontact/fl_switch_smcs_4tx-pn_firmware
< 4.70
phoenixcontact/fl_switch_smcs_6gt\/2sfp_firmware
< 4.70
phoenixcontact/fl_switch_smcs_6tx\/2sfp_firmware
< 4.70
phoenixcontact/fl_switch_smcs_8gt_firmware
< 4.70
phoenixcontact/fl_switch_smcs_8tx-pn_firmware
< 4.70
... and 5 more
Published
Jun 25, 2021
Tracked Since
Feb 18, 2026