The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions before 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.
Oil, gas, maritime systems affected by latest bug findings
Companies running a popular brand of industrial Ethernet switch are being advised to update their firmware ASAP following a series of bug disclosures.
Security house Positive Technologies took credit today for the discovery of six CVE-listed security vulnerabilities in the Phoenix Contact FL Switch 3xxx, 4xxx, and 48xx industrial control switches. The flaws are addressed in firmware versions 1.35 or newer.
Among the now-patched flaws were several Positive described as "critical" secu...