Weidmueller¹¤Òµ½»Á÷»úÖеĶà¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-09

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-16670 £¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16671 £¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ £¬£¬ £¬£¬£¬CVSS·ÖÖµ£º6.5

CVE±àºÅ£ºCVE-2019-16672 £¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16673 £¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬£¬ £¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-16674 £¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬ £¬£¬£¬CVSS·ÖÖµ£º9.8


Ó°Ïì°æ±¾


IE-SW-VL05M-5TX firmware v3.6.6 Build 16102415 and prior          

IE-SW-VL05MT-5TX firmware v3.6.6 Build 16102415 and prior        

IE-SW-VL05M-3TX-2SC firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2SC firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL05M-3TX-2ST firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2ST firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL08MT-8TX firmware v3.5.2 Build 16102415 and prior        

IE-SW-VL08MT-5TX-3SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-5TX-1SC-2SCS firmware v3.5.2 Build 16102415 and prior

IE-SW-VL08MT-6TX-2ST firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SCS firmware v3.5.2 Build 16102415 and prior    

IE-SW-PL08M-8TX firmware v3.3.8 Build 16102416 and prior          

IE-SW-PL08MT-8TX firmware v3.3.8 Build 16102416 and prior        

IE-SW-PL08M-6TX-2SC firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2SC firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2ST firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2ST firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08MT-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL10M-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10MT-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10M-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL10MT-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL16M-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16MT-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16M-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16M-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL18M-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18MT-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18M-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior

IE-SW-PL09M-5GC-4GT firmware v3.3.4 Build 16102416 and prior      

IE-SW-PL09MT-5GC-4GT firmware v3.3.4 Build 16102416 and prior    


Îó²î¸ÅÊö


Weidmueller IE-SW-VL05M-5TXµÈ¶¼Êǵ¹úWeidmueller¹«Ë¾µÄÒ»¿îÒÔÌ«Íø½»Á÷»ú¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16670£º¸ÃÎó²îÔ´ÓÚÉí·ÝÑéÖ¤»úÖÆûÓоÙÐб©Á¦Æƽâ±£»£» £»£»£»£»£»¤¡£¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îʵÑ鱩Á¦Æƽ⹥»÷¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16671£º¶à¿îWeidmueller²úÆ·Öб£´æ×ÊÔ´ÖÎÀí¹ýʧÎó²î¡£¡£¡£¡£¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·¶Ôϵͳ×ÊÔ´£¨ÈçÄÚ´æ¡¢´ÅÅ̿ռ䡢ÎļþµÈ£©µÄÖÎÀí²»µ±¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16672£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î £¬£¬ £¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐòÒÔÃ÷ÎĵÄÐÎʽת´ïÃô¸ÐµÄƾ֤Êý¾Ý¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16673£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î £¬£¬ £¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐò½«ÃÜÂë´æ´¢ÎªÃ÷ÎÄÐÎʽ¡£¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î¶ÁÈ¡ÃÜÂë¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16674£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î¡£¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÍƲâ³öcookieÖеÄÉí·ÝÑéÖ¤ÐÅÏ¢¡£¡£¡£¡£¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î £¬£¬ £¬£¬£¬ÏêÇéÇë¹Ø×¢³§ÉÌÖ÷Ò³£º

https://www.weidmueller.com¡£¡£¡£¡£¡£¡£¡£


»º½â²½·¥£º


CVE-2019-16672:


IE-SW-VL05MºÍIE-SW-VL08MTϵÁн»Á÷»ú£º


×°ÖÃÐÞ²¹¹Ì¼þºó £¬£¬ £¬£¬£¬¿ÉÒÔʹÓÃhttpsͨ¹ý¼ÓÃÜͨѶ»á¼ûWeb½çÃæ £¬£¬ £¬£¬£¬²¢ÇÒ¿ÉÒÔͨ¹ýÑ¡Ôñ¡°½öhttps¡±½«Web½çÃæ»á¼ûÉèÖÃΪȷ±£¼ÓÃÜÅþÁ¬¡£¡£¡£¡£¡£¡£¡£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£¡£¡£¡£¡£


IE-SW-PL08M £¬£¬ £¬£¬£¬IE-SW-PL10M £¬£¬ £¬£¬£¬IE-SW-PL16M £¬£¬ £¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ͨ¹ýÑ¡Ôñ¡°½öhttps¡± £¬£¬ £¬£¬£¬¿ÉÒÔÉèÖÃWeb½çÃæ»á¼ûÒÔÈ·±£¼ÓÃÜÅþÁ¬¡£¡£¡£¡£¡£¡£¡£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£¡£¡£¡£¡£


CVE-2019-16670, CVE-2019-16671, CVE-2019-16673, and CVE-2019-16674:


IE-SW-VL05M £¬£¬ £¬£¬£¬IE-SW-VL08MT £¬£¬ £¬£¬£¬IE-SW-PL08M £¬£¬ £¬£¬£¬IE-SW-PL10M £¬£¬ £¬£¬£¬IE-SW-PL16M £¬£¬ £¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ÔÚ½»Á÷»úÉÏ×°Öò¹¶¡¹Ì¼þºó £¬£¬ £¬£¬£¬¿ÉÒÔͨ¹ýÓÃÓÚWindows OSµÄÃûΪ¡° WM Switch Utility¡±µÄWeidmuellerÉèÖÃÈí¼þ½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ £¬£¬ £¬£¬£¬²¢ÆôÓý«Óëеġ° Weidmueller Switch Configuration¡±Ò»ÆðʹÓõļÓÃÜËÑË÷ЧÀÍ¡£¡£¡£¡£¡£¡£¡£Ä¬ÈÏÇéÐÎÏ £¬£¬ £¬£¬£¬ÕâÁ½ÖÖЧÀÍ£¨¼ÓÃܺÍδ¼ÓÃܵÄËÑË÷ЧÀÍ£©¶¼´¦ÓÚÆôÓÃ״̬¡£¡£¡£¡£¡£¡£¡£ Ϊ×èÖ¹±¾½ÚÖÐÌáµ½µÄÎó²î £¬£¬ £¬£¬£¬Ó¦½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ¡£¡£¡£¡£¡£¡£¡£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>Çå¾²ÐÔ>ÖÎÀí½çÃ棺×÷·ÏÑ¡ÖС°ÆôÓÃËÑË÷ЧÀÍ¡±¸´Ñ¡¿ò¡£¡£¡£¡£¡£¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/weidmueller-patches-critical-vulnerabilities-industrial-switches