Description
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://cert.vde.com/en-us/advisories/vde-2021-023
Scores
CVSS v3
7.5
EPSS
0.0068
EPSS Percentile
47.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-362
Status
published
Products (15)
phoenixcontact/fl_nat_smn_8tx-m_firmware
< 4.63
phoenixcontact/fl_nat_smn_8tx_firmware
< 4.63
phoenixcontact/fl_switch_smcs_14tx\/2fx-sm_firmware
< 4.70
phoenixcontact/fl_switch_smcs_14tx\/2fx_firmware
< 4.70
phoenixcontact/fl_switch_smcs_16tx_firmware
< 4.70
phoenixcontact/fl_switch_smcs_4tx-pn_firmware
< 4.70
phoenixcontact/fl_switch_smcs_6gt\/2sfp_firmware
< 4.70
phoenixcontact/fl_switch_smcs_6tx\/2sfp_firmware
< 4.70
phoenixcontact/fl_switch_smcs_8gt_firmware
< 4.70
phoenixcontact/fl_switch_smcs_8tx-pn_firmware
< 4.70
... and 5 more
Published
Jun 25, 2021
Tracked Since
Feb 18, 2026