Weidmueller¹¤Òµ½»Á÷»úÖеĶà¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-09

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-16670 £¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16671 £¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ £¬£¬£¬£¬£¬CVSS·ÖÖµ£º6.5

CVE±àºÅ£ºCVE-2019-16672 £¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16673 £¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬£¬£¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-16674 £¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ £¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8


Ó°Ïì°æ±¾


IE-SW-VL05M-5TX firmware v3.6.6 Build 16102415 and prior          

IE-SW-VL05MT-5TX firmware v3.6.6 Build 16102415 and prior        

IE-SW-VL05M-3TX-2SC firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2SC firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL05M-3TX-2ST firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2ST firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL08MT-8TX firmware v3.5.2 Build 16102415 and prior        

IE-SW-VL08MT-5TX-3SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-5TX-1SC-2SCS firmware v3.5.2 Build 16102415 and prior

IE-SW-VL08MT-6TX-2ST firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SCS firmware v3.5.2 Build 16102415 and prior    

IE-SW-PL08M-8TX firmware v3.3.8 Build 16102416 and prior          

IE-SW-PL08MT-8TX firmware v3.3.8 Build 16102416 and prior        

IE-SW-PL08M-6TX-2SC firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2SC firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2ST firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2ST firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08MT-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL10M-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10MT-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10M-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL10MT-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL16M-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16MT-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16M-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16M-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL18M-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18MT-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18M-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior

IE-SW-PL09M-5GC-4GT firmware v3.3.4 Build 16102416 and prior      

IE-SW-PL09MT-5GC-4GT firmware v3.3.4 Build 16102416 and prior    


Îó²î¸ÅÊö


Weidmueller IE-SW-VL05M-5TXµÈ¶¼Êǵ¹úWeidmueller¹«Ë¾µÄÒ»¿îÒÔÌ«Íø½»Á÷»ú¡£¡£¡£ ¡£¡£


CVE-2019-16670£º¸ÃÎó²îÔ´ÓÚÉí·ÝÑéÖ¤»úÖÆûÓоÙÐб©Á¦Æƽâ±£»£»£»£»¤¡£¡£¡£ ¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îʵÑ鱩Á¦Æƽ⹥»÷¡£¡£¡£ ¡£¡£


CVE-2019-16671£º¶à¿îWeidmueller²úÆ·Öб£´æ×ÊÔ´ÖÎÀí¹ýʧÎó²î¡£¡£¡£ ¡£¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·¶Ôϵͳ×ÊÔ´£¨ÈçÄÚ´æ¡¢´ÅÅ̿ռ䡢ÎļþµÈ£©µÄÖÎÀí²»µ±¡£¡£¡£ ¡£¡£


CVE-2019-16672£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î £¬£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐòÒÔÃ÷ÎĵÄÐÎʽת´ïÃô¸ÐµÄƾ֤Êý¾Ý¡£¡£¡£ ¡£¡£


CVE-2019-16673£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î £¬£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐò½«ÃÜÂë´æ´¢ÎªÃ÷ÎÄÐÎʽ¡£¡£¡£ ¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î¶ÁÈ¡ÃÜÂë¡£¡£¡£ ¡£¡£


CVE-2019-16674£º¶à¿îWeidmueller²úÆ·Öб£´æÇå¾²Îó²î¡£¡£¡£ ¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÍƲâ³öcookieÖеÄÉí·ÝÑéÖ¤ÐÅÏ¢¡£¡£¡£ ¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£ ¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î £¬£¬£¬£¬£¬ÏêÇéÇë¹Ø×¢³§ÉÌÖ÷Ò³£º

https://www.weidmueller.com¡£¡£¡£ ¡£¡£


»º½â²½·¥£º


CVE-2019-16672:


IE-SW-VL05MºÍIE-SW-VL08MTϵÁн»Á÷»ú£º


×°ÖÃÐÞ²¹¹Ì¼þºó £¬£¬£¬£¬£¬¿ÉÒÔʹÓÃhttpsͨ¹ý¼ÓÃÜͨѶ»á¼ûWeb½çÃæ £¬£¬£¬£¬£¬²¢ÇÒ¿ÉÒÔͨ¹ýÑ¡Ôñ¡°½öhttps¡±½«Web½çÃæ»á¼ûÉèÖÃΪȷ±£¼ÓÃÜÅþÁ¬¡£¡£¡£ ¡£¡£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£ ¡£¡£


IE-SW-PL08M £¬£¬£¬£¬£¬IE-SW-PL10M £¬£¬£¬£¬£¬IE-SW-PL16M £¬£¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ͨ¹ýÑ¡Ôñ¡°½öhttps¡± £¬£¬£¬£¬£¬¿ÉÒÔÉèÖÃWeb½çÃæ»á¼ûÒÔÈ·±£¼ÓÃÜÅþÁ¬¡£¡£¡£ ¡£¡£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>ϵͳ£º½«¡° WebÉèÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£ ¡£¡£


CVE-2019-16670, CVE-2019-16671, CVE-2019-16673, and CVE-2019-16674:


IE-SW-VL05M £¬£¬£¬£¬£¬IE-SW-VL08MT £¬£¬£¬£¬£¬IE-SW-PL08M £¬£¬£¬£¬£¬IE-SW-PL10M £¬£¬£¬£¬£¬IE-SW-PL16M £¬£¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁн»Á÷»ú£º


ÔÚ½»Á÷»úÉÏ×°Öò¹¶¡¹Ì¼þºó £¬£¬£¬£¬£¬¿ÉÒÔͨ¹ýÓÃÓÚWindows OSµÄÃûΪ¡° WM Switch Utility¡±µÄWeidmuellerÉèÖÃÈí¼þ½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ £¬£¬£¬£¬£¬²¢ÆôÓý«Óëеġ° Weidmueller Switch Configuration¡±Ò»ÆðʹÓõļÓÃÜËÑË÷ЧÀÍ¡£¡£¡£ ¡£¡£Ä¬ÈÏÇéÐÎÏ £¬£¬£¬£¬£¬ÕâÁ½ÖÖЧÀÍ£¨¼ÓÃܺÍδ¼ÓÃܵÄËÑË÷ЧÀÍ£©¶¼´¦ÓÚÆôÓÃ״̬¡£¡£¡£ ¡£¡£ Ϊ×èÖ¹±¾½ÚÖÐÌáµ½µÄÎó²î £¬£¬£¬£¬£¬Ó¦½ûÓÃδ¼ÓÃܵÄËÑË÷ЧÀÍ¡£¡£¡£ ¡£¡£¿£¿£¿ÉÒÔͨ¹ýÒÔÏ·¾¶»á¼û´ËÉèÖõÄÏìÓ¦Web½çÃæ²Ëµ¥²¿·Ö£ºÖ÷²Ëµ¥>»ù±¾ÉèÖÃ>Çå¾²ÐÔ>ÖÎÀí½çÃ棺×÷·ÏÑ¡ÖС°ÆôÓÃËÑË÷ЧÀÍ¡±¸´Ñ¡¿ò¡£¡£¡£ ¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/weidmueller-patches-critical-vulnerabilities-industrial-switches