CISA reports vulnerabilities in Phoenix Contact TC ROUTER and TC CLOUD client
Take action: Lock down your Phoenix Contact systems in a network that's not accessible from the internet. Then plan for a regular patch cycle.
Phoenix Contact TC ROUTER and TC CLOUD CLIENT have been found to contain vulnerabilities which, if exploited, could result in code execution within the user's browser or a denial of service.
Phoenix Contact is a global manufacturer and supplier of industrial automation, interconnection, and interface solutions.
The vulnerabilities are tracked as:
- CVE-2023-3526 (CVSS3 score 9.6) for the XSS vulnerability, affecting Phoenix Contact TC ROUTER and TC CLOUD CLIENT prior to version 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to version 2.06.10.
- CVE-2023-3569 (CVSS3 score 4.9) for the XML Entity Expansion vulnerability, affecting Phoenix Contact TC ROUTER and TC CLOUD CLIENT prior to version 2.07.2 as well as CLOUD CLIENT 1101T-TX/TX prior to version 2.06.10.
Phoenix Contact has issued fixed versions for the following products and encourages users to download the latest version:
- TC ROUTER 3002T-4G,
- TC ROUTER 3002T-4G ATT,
- TC ROUTER 3002T-4G VZW,
- TC CLOUD CLIENT 1002-4G,
- TC CLOUD CLIENT 1002-4G ATT,
- TC CLOUD CLIENT 1002-4G VZW,
- CLOUD CLIENT 1101T-TX/TX.
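To turn the version thresholds above into a fleet check, the following is an added example (not code from Phoenix Contact or CISA). It takes the fixed versions stated in the advisory (2.07.2 for TC ROUTER and TC CLOUD CLIENT, 2.06.10 for CLOUD CLIENT 1101T-TX/TX), compares firmware versions as integer tuples rather than strings, and flags inventory rows that are still below the fixed version. The inventory rows, hostnames and the `product_family` mapping are constructed assumptions for illustration.

```python
"""Fleet check for the Phoenix Contact TC ROUTER / TC CLOUD CLIENT advisory.

Added example, not Phoenix Contact or CISA code. The fixed-version thresholds
come from the advisory; the inventory below is constructed sample data.
"""
from typing import List, Tuple

# Fixed firmware versions stated in the advisory (CVE-2023-3526, CVE-2023-3569).
# Devices running anything *prior to* these versions are affected.
FIXED_VERSIONS = {
    "TC ROUTER": (2, 7, 2),
    "TC CLOUD CLIENT": (2, 7, 2),
    "CLOUD CLIENT 1101T-TX/TX": (2, 6, 10),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.07.2' into (2, 7, 2).

    Comparing integer tuples avoids the string-comparison trap where
    '2.10.0' sorts before '2.7.2' and '2.6.10' looks different from '2.06.10'.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def product_family(model: str) -> str:
    """Map an inventory model string to the advisory's product family.

    Assumption: model strings start with the family name as printed in the
    advisory's product list (e.g. 'TC ROUTER 3002T-4G ATT').
    """
    m = model.upper()
    if m.startswith("CLOUD CLIENT 1101T"):
        return "CLOUD CLIENT 1101T-TX/TX"
    if m.startswith("TC ROUTER"):
        return "TC ROUTER"
    if m.startswith("TC CLOUD CLIENT"):
        return "TC CLOUD CLIENT"
    raise ValueError(f"model not covered by this advisory: {model!r}")


def is_affected(model: str, version: str) -> bool:
    """True if this model/version pair is below the advisory's fixed version."""
    return parse_version(version) < FIXED_VERSIONS[product_family(model)]


def find_affected(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Return hostnames of (host, model, version) rows that still need patching."""
    return [host for host, model, version in inventory if is_affected(model, version)]


# Constructed sample inventory: (hostname, model, firmware version).
SAMPLE_INVENTORY = [
    ("rtr-plant-01", "TC ROUTER 3002T-4G", "2.06.5"),       # below 2.07.2 -> affected
    ("rtr-plant-02", "TC ROUTER 3002T-4G ATT", "2.07.2"),   # at fixed version -> ok
    ("cc-line-03", "TC CLOUD CLIENT 1002-4G", "2.10.0"),    # above fixed version -> ok
    ("cc-legacy-04", "CLOUD CLIENT 1101T-TX/TX", "2.6.9"),  # below 2.06.10 -> affected
]

if __name__ == "__main__":
    for host in find_affected(SAMPLE_INVENTORY):
        print(f"{host}: affected, schedule firmware update")
```

Feeding the script a real inventory export only requires producing (host, model, version) rows; the comparison logic itself needs no change when a future advisory raises the fixed version, only the `FIXED_VERSIONS` table does.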
Additionally, they advise operating network-capable devices in closed networks or behind suitable firewalls.
No known public exploitation of these vulnerabilities has been reported at this time.