Search criteria
2 vulnerabilities found for ILC 191 ETH by PHOENIX CONTACT
CVE-2018-25112 (GCVE-0-2018-25112)
Vulnerability from cvelistv5 – Published: 2025-06-04 09:37 – Updated: 2025-06-04 13:16
VLAI?
Title
PHOENIX CONTACT: ILC 1x1 ETH Denial of Service
Summary
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | ILC 131 |
Affected:
vers:all/*
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Matthias Niedermaier (Hochschule Augsburg)
Jan-Ole Malchow (Freie Universität Berlin)
Florian Fischer (Hochschule Augsburg)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T13:15:35.632513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T13:16:07.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ILC 131",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 151",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 171",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 191 ETH",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthias Niedermaier (Hochschule Augsburg)"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jan-Ole Malchow (Freie Universita\u0308t Berlin)"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Florian Fischer (Hochschule Augsburg)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
}
],
"value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T09:37:34.736Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://certvde.com/en/advisories/VDE-2018-012/"
}
],
"source": {
"advisory": "VDE-2018-012",
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: ILC 1x1 ETH Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2018-25112",
"datePublished": "2025-06-04T09:37:34.736Z",
"dateReserved": "2025-06-04T08:00:35.844Z",
"dateUpdated": "2025-06-04T13:16:07.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25112 (GCVE-0-2018-25112)
Vulnerability from nvd – Published: 2025-06-04 09:37 – Updated: 2025-06-04 13:16
VLAI?
Title
PHOENIX CONTACT: ILC 1x1 ETH Denial of Service
Summary
An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PHOENIX CONTACT | ILC 131 |
Affected:
vers:all/*
|
|||||||||||||||||
|
|||||||||||||||||||
Credits
Matthias Niedermaier (Hochschule Augsburg)
Jan-Ole Malchow (Freie Universität Berlin)
Florian Fischer (Hochschule Augsburg)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25112",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T13:15:35.632513Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T13:16:07.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ILC 131",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 151",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 171",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ILC 191 ETH",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matthias Niedermaier (Hochschule Augsburg)"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jan-Ole Malchow (Freie Universita\u0308t Berlin)"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Florian Fischer (Hochschule Augsburg)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
}
],
"value": "An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T09:37:34.736Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://certvde.com/en/advisories/VDE-2018-012/"
}
],
"source": {
"advisory": "VDE-2018-012",
"discovery": "EXTERNAL"
},
"title": "PHOENIX CONTACT: ILC 1x1 ETH Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2018-25112",
"datePublished": "2025-06-04T09:37:34.736Z",
"dateReserved": "2025-06-04T08:00:35.844Z",
"dateUpdated": "2025-06-04T13:16:07.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}