Discover the details of CVE-2021-21004, a high-severity Cross-site Scripting vulnerability in Phoenix Contact FL SWITCH SMCS series products. Learn the impact, affected systems, and mitigation steps.
A Cross-site Scripting vulnerability, identified as CVE-2021-21004, has been discovered in Phoenix Contact FL SWITCH SMCS series products, allowing attackers to insert malicious code through LLDP frames into the web-based management system.
Understanding CVE-2021-21004
This section provides insights into the impact, technical details, and mitigation strategies related to the CVE-2021-21004 vulnerability.
What is CVE-2021-21004?
The vulnerability allows threat actors to execute arbitrary code by injecting malicious scripts via LLDP frames in the web management interface of affected Phoenix Contact FL SWITCH SMCS devices.
The Impact of CVE-2021-21004
With a CVSS base score of 7.4 (high severity), the attack requires no privileges and user interaction, affecting confidentiality and integrity while changing the system scope. The attack complexity is low, exploiting an adjacent network without availability impact.
Technical Details of CVE-2021-21004
The technical aspects of the vulnerability, including a detailed description, affected systems, and exploitation methods, are outlined below.
Vulnerability Description
The flaw enables the injection of malicious code through LLDP frames in the web-based management system of Phoenix Contact FL SWITCH SMCS series products.
Affected Systems and Versions
Phoenix Contact FL SWITCH SMCS products versions 4.70 and below, including models like SMCS 16TX, SMCS 14TX/2FX, SMN 8TX, and more, are impacted by this vulnerability.
Exploitation Mechanism
Attackers utilize LLDP frames to plant malicious script injections within the web interface, potentially gaining control over the affected device.
Mitigation and Prevention
Learn how to protect your systems against CVE-2021-21004 by following the immediate steps, long-term security practices, and patching recommendations provided below.
Immediate Steps to Take
Phoenix Contact recommends operating network-capable devices in closed networks or behind a firewall to prevent unauthorized access.
Long-Term Security Practices
Implement a robust security policy, conduct regular security audits, and train personnel on identifying and mitigating XSS vulnerabilities.
Patching and Updates
Stay informed about security updates from Phoenix Contact, including patches to address the CVE-2021-21004 vulnerability.