
CVE-2021-33540 : What You Need to Know

Learn about CVE-2021-33540, a high-severity vulnerability in Phoenix Contact devices allowing unauthorized FTP access to root directories. Find out affected systems, impact, and mitigation strategies.

In certain devices of the Phoenix Contact AXL F BK and IL BK product families, an undocumented password-protected FTP access to the root directory exists.

Understanding CVE-2021-33540

This CVE identifies a vulnerability in Phoenix Contact devices that allows unauthorized FTP access, potentially leading to security breaches.

What is CVE-2021-33540?

Certain devices within Phoenix Contact AXL F BK and IL BK product families have an undocumented FTP access vulnerability, posing a security risk.

The Impact of CVE-2021-33540

The vulnerability allows unauthorized access to the root directory of affected devices, which could be exploited by malicious actors to compromise system security.

Technical Details of CVE-2021-33540

The vulnerability is classified with a CVSS base score of 7.3, indicating a high severity level with low attack complexity through network vectors.

Vulnerability Description

The flaw resides in the undocumented, password-protected FTP access present in certain Phoenix Contact AXL F BK and IL BK devices.

Affected Systems and Versions

AXL F PN TPS XC (1068857): firmware versions below 1.30
AXL F EIP EF (2702782): firmware versions below 1.30
AXL F PN TPS (2403869): firmware versions below 1.30
AXL F EIP (2688394): firmware versions below 1.30
AXL F ETH (2688459): firmware versions below 1.30
AXL F ETH XC (2701949): firmware versions below 1.30
AXL F S3 (2701686): firmware versions below 1.40
AXL F PN, AXL F PN XC, AXL F ETH NET2, AXL F SAS: all revisions affected
IL PN BK-PAC, IL PN BK DI8 DO4 2TX-PAC, IL PN BK DI8 DO4 2SCRJ-PAC, IL ETH BK DI8 DO4 2TX-XC-PAC, IL ETH BK DI8 DO4 2TX-PAC, IL EIP BK DI8 DO4 2TX-PAC, IL S3 BK DI8 DO4 2TX-PAC: all revisions affected
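To turn the list above into a repeatable inventory check, here is an added example (not from this page or from Phoenix Contact) that flags devices needing action; product names are matched exactly as listed above, and the sample inventory with its hostnames is constructed for illustration.

```python
# Added example: triage a device inventory against the affected-product list
# for CVE-2021-33540 as transcribed from the advisory text above.
from typing import List, Optional, Tuple

# Products where revisions below the listed firmware version are affected.
FIXED_IN = {
    "AXL F PN TPS XC": "1.30", "AXL F EIP EF": "1.30", "AXL F PN TPS": "1.30",
    "AXL F EIP": "1.30", "AXL F ETH": "1.30", "AXL F ETH XC": "1.30",
    "AXL F S3": "1.40",
}
# Products where every revision is affected (no fixed version is listed).
ALL_REVISIONS = {
    "AXL F PN", "AXL F PN XC", "AXL F ETH NET2", "AXL F SAS",
    "IL PN BK-PAC", "IL PN BK DI8 DO4 2TX-PAC", "IL PN BK DI8 DO4 2SCRJ-PAC",
    "IL ETH BK DI8 DO4 2TX-XC-PAC", "IL ETH BK DI8 DO4 2TX-PAC",
    "IL EIP BK DI8 DO4 2TX-PAC", "IL S3 BK DI8 DO4 2TX-PAC",
}

def parse_version(v: str) -> Tuple[int, ...]:
    """'1.30' -> (1, 30): compared numerically, not as strings."""
    return tuple(int(p) for p in v.strip().split("."))

def is_affected(product: str, firmware: Optional[str]) -> Optional[bool]:
    """True = affected, False = at or above the fixed version,
    None = product not covered by this advisory.
    A listed product with unknown firmware is treated as affected until verified."""
    if product in ALL_REVISIONS:
        return True
    if product not in FIXED_IN:
        return None
    if firmware is None:
        return True
    return parse_version(firmware) < parse_version(FIXED_IN[product])

def triage(inventory: List[Tuple[str, str, Optional[str]]]) -> List[str]:
    """inventory: (hostname, product, firmware) tuples. Returns hosts needing action."""
    return [host for host, product, fw in inventory if is_affected(product, fw) is True]

# Constructed sample inventory (hostnames and firmware values are illustrative).
SAMPLE_INVENTORY = [
    ("bk-cell-01", "AXL F PN TPS", "1.20"),   # below 1.30 -> affected
    ("bk-cell-02", "AXL F PN TPS", "1.30"),   # fixed version -> not affected
    ("bk-cell-03", "AXL F S3", "1.30"),       # S3 needs 1.40 -> affected
    ("bk-cell-04", "AXL F SAS", "2.10"),      # all revisions affected
    ("plc-01", "OTHER PRODUCT", "3.0"),       # not in this advisory
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: affected by CVE-2021-33540, restrict FTP access and update")
```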

Exploitation Mechanism

The vulnerability allows attackers to gain unauthorized access to the root directory of the affected Phoenix Contact devices through FTP, potentially leading to unauthorized data retrieval or system compromise.

Mitigation and Prevention

Organizations can mitigate the risk associated with CVE-2021-33540 by following certain security practices and applying necessary patches.

Immediate Steps to Take

It is recommended to restrict network access to vulnerable devices, monitor FTP activities, and apply vendor-provided patches promptly.

Long-Term Security Practices

Implement secure network configurations, restrict access to critical systems, regularly audit device security, and educate users on FTP best practices.

Patching and Updates

Refer to the advisory provided by Phoenix Contact for a list of updated firmware versions that address the vulnerability. Apply the latest patches to affected devices promptly.
