CVE-2021-33542 : Vulnerability Insights and Analysis

Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Learn about the impact, technical details, and mitigation steps below.

Understanding CVE-2021-33542

Phoenix Contact: Automation Worx Software Suite affected by Remote Code Execution (RCE) vulnerability.

What is CVE-2021-33542?

The vulnerability allows remote code execution when an attacker manipulates PC Worx or Config+ projects: incompletely initialized data leads to unallocated memory being freed.

The Impact of CVE-2021-33542

To manipulate the data, the attacker must have access to an original bus configuration file. Successful exploitation compromises the availability, integrity, or confidentiality of an application programming workstation. Systems not programmed with the affected versions are not impacted.

Technical Details of CVE-2021-33542

Vulnerability Description

The vulnerability arises from incompletely initialized data in PC Worx or Config+ projects: unallocated memory is freed, which allows remote code execution.
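The bug class described above, shown as an added illustration that is not Phoenix Contact's code: a parser for a hypothetical record format in which an early return leaves a pointer unwritten before cleanup frees it, beside a hardened form that initializes every field first. The record layout and all names (`bus_node`, `node_parse`, `process_record`) are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical record layout (constructed for this example, not the
 * PC Worx / Config+ format): [1-byte name length][name bytes]. */
typedef struct {
    char  *name;      /* heap buffer owned by the record */
    size_t name_len;
} bus_node;

/* Defective pattern: the early return leaves n->name unwritten, so cleanup
 * code that calls free(n->name) releases memory that was never allocated. */
int node_parse_unsafe(bus_node *n, const unsigned char *buf, size_t len) {
    if (len < 1 || (size_t)buf[0] > len - 1) return -1;   /* n untouched */
    n->name_len = buf[0];
    n->name = malloc(n->name_len + 1);
    if (!n->name) return -1;
    memcpy(n->name, buf + 1, n->name_len);
    n->name[n->name_len] = '\0';
    return 0;
}

/* Hardened form: every field is initialized before the first return. */
int node_parse(bus_node *n, const unsigned char *buf, size_t len) {
    n->name = NULL;
    n->name_len = 0;
    if (buf == NULL || len < 1 || (size_t)buf[0] > len - 1) return -1;
    n->name = malloc((size_t)buf[0] + 1);
    if (!n->name) return -1;
    memcpy(n->name, buf + 1, buf[0]);
    n->name[buf[0]] = '\0';
    n->name_len = buf[0];
    return 0;
}

/* Parse one record and always clean up, as a loader would. The memset stands
 * in for stale stack contents. Returns the name length, or -1 if rejected. */
long process_record(const unsigned char *buf, size_t len) {
    bus_node n;
    memset(&n, 0xAA, sizeof n);
    long out = node_parse(&n, buf, len) == 0 ? (long)n.name_len : -1;
    free(n.name);             /* NULL on every failure path: defined no-op */
    return out;
}

int main(void) {
    const unsigned char truncated[] = {9, 'P', 'L'};  /* constructed: claims 9, has 2 */
    return process_record(truncated, sizeof truncated) == -1 ? 0 : 1;
}
```

`node_parse_unsafe` is included for comparison only and is never called.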

Affected Systems and Versions

Phoenix Contact Automation Worx Software Suite Version 1.87 and below are affected, including PC Worx, PC Worx Express, and Config+.

Exploitation Mechanism

Attackers manipulate project files to access unallocated memory, compromising the security of programming workstations.

Mitigation and Prevention

Immediate Steps to Take

Customers are advised to exchange project files securely, avoiding unencrypted email services. Ensure controlled access to original bus configuration files.

Long-Term Security Practices

Updating to the next version of Automation Worx Software Suite will address the incomplete data initialization, preventing memory vulnerabilities.

Patching and Updates

Regularly check for software updates and apply patches promptly to mitigate the risk of remote code execution.
