CVE-2020-9435

PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. Impersonation, man-in-the-middle, or passive decryption attacks are possible if the generic certificate is not replaced by a device-specific certificate during installation.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_router_2002t-3g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_router_2002t-3g:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_vzw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_vzw:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_router_3002t-4g_att_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_router_3002t-4g_att:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-4g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-4g:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:phoenixcontact:tc_cloud_client_1002-txtx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:phoenixcontact:tc_cloud_client_1002-txtx:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:40

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/156729/Phoenix-Contact-TC-Router-TC-Cloud-Client-Command-Injection.html - Exploit, Third Party Advisory () http://packetstormsecurity.com/files/156729/Phoenix-Contact-TC-Router-TC-Cloud-Client-Command-Injection.html - Exploit, Third Party Advisory
References () http://seclists.org/fulldisclosure/2020/Mar/15 - Exploit, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Mar/15 - Exploit, Third Party Advisory
References () https://cert.vde.com/en-us/advisories/ - Third Party Advisory () https://cert.vde.com/en-us/advisories/ - Third Party Advisory
References () https://cert.vde.com/en-us/advisories/vde-2020-003 - Third Party Advisory () https://cert.vde.com/en-us/advisories/vde-2020-003 - Third Party Advisory

Information

Published : 2020-03-12 14:15

Updated : 2024-11-21 05:40


NVD link : CVE-2020-9435

Mitre link : CVE-2020-9435

CVE.ORG link : CVE-2020-9435


JSON object : View

Products Affected

phoenixcontact

  • tc_router_3002t-4g_firmware
  • tc_cloud_client_1002-4g_firmware
  • tc_cloud_client_1002-4g
  • tc_router_3002t-4g_att_firmware
  • tc_router_3002t-4g_vzw
  • tc_cloud_client_1002-txtx
  • tc_router_3002t-4g_att
  • tc_router_2002t-3g
  • tc_cloud_client_1002-txtx_firmware
  • tc_router_2002t-3g_firmware
  • tc_router_3002t-4g_vzw_firmware
  • tc_router_3002t-4g
CWE
CWE-798

Use of Hard-coded Credentials