Denial of Service Vulnerability in Phoenix Contact FL SWITCH SMCS series products
Description
In Phoenix Contact FL SWITCH SMCS series products in multiple versions fragmented TCP-Packets may cause a Denial of Service of Web-, SNMP- and ICMP-Echo services. The switching functionality of the device is not affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Fragmented TCP packets cause denial of service for Web, SNMP, and ICMP-Echo services on Phoenix Contact FL SWITCH SMCS series switches.
Vulnerability
In Phoenix Contact FL SWITCH SMCS series products, multiple versions are affected by a vulnerability where fragmented TCP packets can cause a Denial of Service (DoS) of Web, SNMP, and ICMP-Echo services. The switching functionality of the device remains operational.
Exploitation
An attacker with network access to the device can send specially crafted fragmented TCP packets to the target. No authentication is required to trigger the DoS condition.
Impact
Successful exploitation results in a denial of service for the Web interface, SNMP, and ICMP-Echo services, making these management and monitoring functions unavailable. The core switching function of the device is not impacted.
Mitigation
As of the publication date, no specific fix version or workaround is disclosed in the available references [1]. Users are advised to monitor vendor advisories for updates.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Phoenix Contact/FL NATv5Range: SMN 8TX (2989365)
- Range: SMCS 16TX (2700996)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- cert.vde.com/en-us/advisories/vde-2021-023mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.