Out-of-bounds Read in PHOENIX CONTACT Automationworx Software Suite
Description
A memory read beyond bounds vulnerability in PHOENIX CONTACT Automationworx Software Suite up to 1.89 allows attackers to compromise workstation confidentiality, integrity, or availability via a crafted BCP file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
In PHOENIX CONTACT Automationworx Software Suite versions up to 1.89, insufficient input validation when parsing bus configuration files (*.bcp) can lead to memory reads beyond the intended scope, including heap buffer overflows, release of unallocated memory, or read access violations [1].
Exploitation
An attacker must gain access to an original *.bcp file, manipulate its data, and then replace the original file on the application programming workstation. The workstation user must subsequently open the manipulated file in the software to trigger the vulnerability [1].
Impact
Successful exploitation can compromise the availability, integrity, or confidentiality of the application programming workstation. Potential outcomes include information disclosure, denial of service, or arbitrary code execution depending on the specific memory corruption [1].
Mitigation
Update to Automationworx Software Suite version 1.90 or later, which contains the fix. As a workaround, avoid opening untrusted BCP files from unverified sources [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
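The exploitation path above depends on a legitimate *.bcp file being replaced on the workstation, so one way to apply the workaround is to compare each file against a digest recorded while the project was in a trusted state. The following Python is an added example, not vendor code or part of the advisory; the function names, the SHA-256 baseline approach and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream the file so large project files are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(project_dir: Path) -> dict:
    """Record a digest for every *.bcp file while the project is trusted."""
    return {str(p.relative_to(project_dir)): sha256_file(p)
            for p in sorted(project_dir.rglob("*.bcp"))}


def check_against_baseline(project_dir: Path, baseline: dict) -> dict:
    """Classify each *.bcp file as ok, modified, unknown (no baseline) or missing."""
    current = build_baseline(project_dir)
    report = {"ok": [], "modified": [], "unknown": [], "missing": []}
    for name, digest in current.items():
        if name not in baseline:
            report["unknown"].append(name)    # appeared after baselining
        elif baseline[name] != digest:
            report["modified"].append(name)   # content changed: do not open
        else:
            report["ok"].append(name)
    report["missing"] = sorted(set(baseline) - set(current))
    return report


def demo() -> dict:
    """Constructed sample: placeholder files, one altered and one added later."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "line1.bcp").write_bytes(b"constructed placeholder A")
        (root / "line2.bcp").write_bytes(b"constructed placeholder B")
        baseline = build_baseline(root)
        (root / "line2.bcp").write_bytes(b"constructed placeholder B, altered")
        (root / "new.bcp").write_bytes(b"constructed placeholder C")
        return check_against_baseline(root, baseline)


if __name__ == "__main__":
    print(demo())
```

The baseline is only useful if it is stored where someone able to replace the *.bcp files cannot also rewrite it, for example off the programming workstation.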
Affected products (4)
- Range: <=1.89
- PHOENIX CONTACT/Config+v5, Range: 0
- Range: 0
- Range: 0
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.