Weidmueller¹¤Òµ½»Á÷»úÖеĶà¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-09

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-16670£¬£¬£¬£¬ £¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16671£¬£¬£¬£¬ £¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬ £¬£¬£¬£¬CVSS·ÖÖµ£º6.5

CVE±àºÅ£ºCVE-2019-16672£¬£¬£¬£¬ £¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16673£¬£¬£¬£¬ £¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬ £¬£¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-16674£¬£¬£¬£¬ £¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬£¬£¬£¬CVSS·ÖÖµ£º9.8


Ó°Ïì°æ±¾


IE-SW-VL05M-5TX firmware v3.6.6 Build 16102415 and prior          

IE-SW-VL05MT-5TX firmware v3.6.6 Build 16102415 and prior        

IE-SW-VL05M-3TX-2SC firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2SC firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL05M-3TX-2ST firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2ST firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL08MT-8TX firmware v3.5.2 Build 16102415 and prior        

IE-SW-VL08MT-5TX-3SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-5TX-1SC-2SCS firmware v3.5.2 Build 16102415 and prior

IE-SW-VL08MT-6TX-2ST firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SCS firmware v3.5.2 Build 16102415 and prior    

IE-SW-PL08M-8TX firmware v3.3.8 Build 16102416 and prior          

IE-SW-PL08MT-8TX firmware v3.3.8 Build 16102416 and prior        

IE-SW-PL08M-6TX-2SC firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2SC firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2ST firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2ST firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08MT-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL10M-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10MT-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10M-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL10MT-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL16M-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16MT-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16M-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16M-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL18M-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18MT-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18M-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior

IE-SW-PL09M-5GC-4GT firmware v3.3.4 Build 16102416 and prior      

IE-SW-PL09MT-5GC-4GT firmware v3.3.4 Build 16102416 and prior    


Îó²î¸ÅÊö


Weidmueller IE-SW-VL05M-5TXµÈ¶¼Êǵ¹úWeidmueller¹«Ë¾µÄÒ»¿îÒÔÌ«Íø½»Á÷»ú¡£¡£¡£


CVE-2019-16670£º¸ÃÎó²îÔ´ÓÚÉí·ÝÑéÖ¤»úÖÆûÓоÙÐб©Á¦Æƽâ±£»£»£»£» £»£»£»¤¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îʵÑ鱩Á¦Æƽ⹥»÷¡£¡£¡£


CVE-2019-16671£º¶à¿îWeidmueller²úÆ·Öб£´æ×ÊÔ´ÖÎÀí¹ýʧÎó²î¡£¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·¶Ôϵͳ×ÊÔ´£¨ÈçÄÚ´æ¡¢´ÅÅ̿ռ䡢ÎļþµÈ£©µÄÖÎÀí²»µ±¡£¡£¡£


CVE-2019-16672£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐòÒÔÃ÷ÎĵÄÐÎʽת´ïÃô¸ÐµÄƾ֤Êý¾Ý¡£¡£¡£


CVE-2019-16673£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐò½«ÃÜÂë´æ´¢ÎªÃ÷ÎÄÐÎʽ¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î¶ÁÈ¡ÃÜÂë¡£¡£¡£


CVE-2019-16674£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÍƲâ³öcookieÖеÄÉí·ÝÑéÖ¤ÐÅÏ¢¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬ £¬£¬£¬£¬ÏêÇéÇë¹Ø×¢³§ÉÌÖ÷Ò³£º

https://www.weidmueller.com¡£¡£¡£


»º½â²½·¥£º


CVE-2019-16672:


IE-SW-VL05MºÍIE-SW-VL08MTϵÁн»Á÷»ú£º


×°ÖÃÐÞ²¹¹Ì¼þºó£¬£¬£¬£¬ £¬£¬£¬£¬¿ÉÒÔʹÓÃhttpsͨ¹ý¼ÓÃÜͨѶ»á¼ûWeb½çÃ棬£¬£¬£¬ £¬£¬£¬£¬²¢ÇÒ¿ÉÒÔͨ¹ýÑ¡Ôñ¡°½öhttps¡±½«Web½çÃæ»á¼ûÉèÖÃΪȷ±£¼ÓÃÜÅþÁ¬¡£¡£¡£¿£¿£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£


IE-SW-PL08M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL10M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL16M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ͨ¹ýÑ¡Ôñ¡°½öhttps¡±£¬£¬£¬£¬ £¬£¬£¬£¬¿ÉÒÔÉèÖÃWeb½çÃæ»á¼ûÒÔÈ·±£¼ÓÃÜÅþÁ¬¡£¡£¡£¿£¿£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£


CVE-2019-16670, CVE-2019-16671, CVE-2019-16673, and CVE-2019-16674:


IE-SW-VL05M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-VL08MT£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL08M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL10M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL16M£¬£¬£¬£¬ £¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ÔÚ½»Á÷»úÉÏ×°Öò¹¶¡¹Ì¼þºó£¬£¬£¬£¬ £¬£¬£¬£¬¿ÉÒÔͨ¹ýÓÃÓÚWindows OSµÄÃûΪ¡° WM Switch Utility¡±µÄWeidmuellerÉèÖÃÈí¼þ½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ£¬£¬£¬£¬ £¬£¬£¬£¬²¢ÆôÓý«Óëеġ° Weidmueller Switch Configuration¡±Ò»ÆðʹÓõļÓÃÜËÑË÷ЧÀÍ¡£¡£¡£Ä¬ÈÏÇéÐÎÏ£¬£¬£¬£¬ £¬£¬£¬£¬ÕâÁ½ÖÖЧÀÍ£¨¼ÓÃܺÍδ¼ÓÃܵÄËÑË÷ЧÀÍ£©¶¼´¦ÓÚÆôÓÃ״̬¡£¡£¡£ Ϊ×èÖ¹±¾½ÚÖÐÌáµ½µÄÎó²î£¬£¬£¬£¬ £¬£¬£¬£¬Ó¦½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ¡£¡£¡£¿£¿£¿£¿£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>Çå¾²ÐÔ>ÖÎÀí½çÃ棺×÷·ÏÑ¡ÖС°ÆôÓÃËÑË÷ЧÀÍ¡±¸´Ñ¡¿ò¡£¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/weidmueller-patches-critical-vulnerabilities-industrial-switches