Security News > 2020 > March > Several Vulnerabilities Expose Phoenix Contact Industrial 4G Routers to Attacks
2020-03-12 16:03
Several potentially serious vulnerabilities have been discovered in some of the industrial 4G routers made by Phoenix Contact, a Germany-based provider of industrial automation, connectivity and interface solutions.
TC CLOUD CLIENT devices provide an industrial VPN gateway for remote maintenance via a 4G network.
SEC Consult has discovered three types of vulnerabilities affecting these routers.
The version used in these devices is affected by several vulnerabilities, including ones that could be used for code execution and writing arbitrary files.
The vulnerabilities were reported to the vendor in late January and firmware updates were released in early March, which is impressive for an industrial solutions vendor.
News URL
Related news
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- New botnet exploits vulnerabilities in NVRs, TP-Link routers (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)