Buffer Overflow in PHOENIX CONTACT Automationworx Software Suite
Description
A heap buffer overflow in PHOENIX CONTACT Automationworx Software Suite up to 1.89 allows attackers to compromise workstation availability, integrity, or confidentiality via manipulated BCP files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
In PHOENIX CONTACT Automationworx Software Suite versions up to 1.89, insufficient validation of input data in PC Worx or Config+ files (BCP format) can lead to a heap buffer overflow and read access violation. The vulnerability is triggered when parsing specially crafted .bcp files [1].
Exploitation
An attacker must first obtain an original bus configuration file (.bcp) and manipulate its data. The attacker then needs to replace the original file on the application programming workstation with the manipulated one. No authentication is required beyond file access, but physical or remote file system access to the workstation is necessary [1].
Impact
Successful exploitation could compromise the availability, integrity, or confidentiality of the application programming workstation. An attacker may cause denial of service, data corruption, or information disclosure [1].
Mitigation
As of the latest update, no patch is indicated. Users should restrict access to .bcp files and ensure they are obtained from trusted sources. PHOENIX CONTACT recommends validating file integrity before loading [1].
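One way to validate file integrity before loading, as an added example (not code from PHOENIX CONTACT or the cited advisory): record SHA-256 digests of the .bcp files while they are known good, then compare before opening a project. The function names and the sample files are assumptions constructed for illustration; the files contain placeholder bytes, not real BCP data.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large project files are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root: Path) -> dict:
    """Map each .bcp file under root (relative path) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() == ".bcp"
    }


def audit(baseline: dict, root: Path) -> dict:
    """Compare the current files with a trusted baseline taken earlier."""
    current = snapshot(root)
    return {
        "modified": sorted(k for k in baseline if k in current and current[k] != baseline[k]),
        "missing": sorted(k for k in baseline if k not in current),
        "unexpected": sorted(k for k in current if k not in baseline),
    }


def demo() -> dict:
    """Constructed sample: placeholder bytes stand in for real bus configuration files."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "line1.bcp").write_bytes(b"constructed sample A")
        (root / "line2.BCP").write_bytes(b"constructed sample B")
        baseline = snapshot(root)  # taken while the files are known good
        (root / "line1.bcp").write_bytes(b"constructed sample A, altered")
        (root / "new.bcp").write_bytes(b"constructed sample C")
        (root / "line2.BCP").unlink()
        return audit(baseline, root)


if __name__ == "__main__":
    print(demo())  # do not open files listed under "modified" or "unexpected"
```

Keep the baseline somewhere the workstation's users cannot write to; if it sits next to the project files, whoever can replace a .bcp file can replace its digest as well.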
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- Range: <= 1.89
- PHOENIX CONTACT/Config+ v5, Range: 0
- Range: 0
- Range: 0
Patches (0)
No patches discovered yet.
References (1)