Unrated severityNVD Advisory· Published Feb 18, 2020· Updated Aug 5, 2024

CVE-2018-16994

Description

An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL F BK ETH <= 1.12, and AXL F BK ETH XC <= 1.11 devices and Bosch Rexroth S20-ETH-BK and Rexroth S20-PN-BK+ (the S20-PN-BK+/S20-ETH-BK fieldbus couplers sold by Bosch Rexroth contain technology from Phoenix Contact). Incorrect handling of a request with non-standard symbols allows remote attackers to initiate a complete lock up of the bus coupler. Authentication of the request is not required.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

PHOENIX CONTACT/AXL F BK PNdescription
Phoenixcontact/AXL F BK PN, AXL F BK ETH, AXL F BK ETH XCllm-create
Range: <=1.0.4 (AXL F BK PN); <=1.12 (AXL F BK ETH); <=1.11 (AXL F BK ETH XC)
Rexroth/S20-ETH-BK / S20-PN-BK+llm-create

Patches

Vulnerability mechanics

References

psirt.bosch.com/security-advisories/bosch-sa-645125.htmlmitrex_refsource_CONFIRM
www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info/Security_Advirory_CVE-2018-16994.pdfmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000