Weidmueller¹¤Òµ»¥»»»úÖеĶà¸ö·ì϶·çÏÕ¹«¸æ

°ä²¼¹¦·ò 2019-12-09

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-16670 £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑϳÁ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16671 £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º6.5

CVE±àºÅ£ºCVE-2019-16672 £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑϳÁ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-16673 £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-16674 £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑϳÁ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º9.8


Ó°Ïì°æ±¾


IE-SW-VL05M-5TX firmware v3.6.6 Build 16102415 and prior          

IE-SW-VL05MT-5TX firmware v3.6.6 Build 16102415 and prior        

IE-SW-VL05M-3TX-2SC firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2SC firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL05M-3TX-2ST firmware v3.6.6 Build 16102415 and prior      

IE-SW-VL05MT-3TX-2ST firmware v3.6.6 Build 16102415 and prior    

IE-SW-VL08MT-8TX firmware v3.5.2 Build 16102415 and prior        

IE-SW-VL08MT-5TX-3SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-5TX-1SC-2SCS firmware v3.5.2 Build 16102415 and prior

IE-SW-VL08MT-6TX-2ST firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SC firmware v3.5.2 Build 16102415 and prior    

IE-SW-VL08MT-6TX-2SCS firmware v3.5.2 Build 16102415 and prior    

IE-SW-PL08M-8TX firmware v3.3.8 Build 16102416 and prior          

IE-SW-PL08MT-8TX firmware v3.3.8 Build 16102416 and prior        

IE-SW-PL08M-6TX-2SC firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2SC firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2ST firmware v3.3.8 Build 16102416 and prior      

IE-SW-PL08MT-6TX-2ST firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08M-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL08MT-6TX-2SCS firmware v3.3.8 Build 16102416 and prior    

IE-SW-PL10M-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10MT-3GT-7TX firmware v3.3.16 Build 16102416 and prior    

IE-SW-PL10M-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL10MT-1GT-2GS-7TX firmware v3.3.16 Build 16102416 and prior

IE-SW-PL16M-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16MT-16TX firmware v3.4.2 Build 16102416 and prior        

IE-SW-PL16M-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2SC firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16M-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL16MT-14TX-2ST firmware v3.4.2 Build 16102416 and prior    

IE-SW-PL18M-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18MT-2GC-16TX firmware v3.4.4 Build 16102416 and prior    

IE-SW-PL18M-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SC firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2ST firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18M-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior  

IE-SW-PL18MT-2GC14TX2SCS firmware v3.4.4 Build 16102416 and prior

IE-SW-PL09M-5GC-4GT firmware v3.3.4 Build 16102416 and prior      

IE-SW-PL09MT-5GC-4GT firmware v3.3.4 Build 16102416 and prior    


·ì϶¸ÅÊö


Weidmueller IE-SW-VL05M-5TXµÈ¶¼Êǵ¹úWeidmueller¹«Ë¾µÄÒ»¿îÒÔÌ«Íø»¥»»»ú¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16670£º¸Ã·ì϶ԴÓÚÉí·ÝÑéÖ¤»úÔìûÓнøÐб©Á¦Æƽâ±£»£»£»£»£»£»£»¤¡£¡£¡£ ¡£¡£¡£¡£ ¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶ִÐб©Á¦Æƽ⹥»÷¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16671£º¶à¿îWeidmueller²úÆ·ÖдæÔÚ×ÊÔ´ÖÎÀíÃýÎó·ì϶¡£¡£¡£ ¡£¡£¡£¡£ ¡£¸Ã·ì϶ԴÓÚÍøÂçϵͳ»ò²úÆ·¶Ôϵͳ×ÊÔ´£¨ÈçÄÚ´æ¡¢´ÅÅ̿ռ䡢ÎļþµÈ£©µÄÖÎÀí²»µ±¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16672£º¶à¿îWeidmueller²úÆ·ÖдæÔÚ°²È«·ì϶ £¬£¬£¬£¬£¬£¬¸Ã·ì϶ԴÓÚ·¨Ê½ÒÔÃ÷ÎĵĴó¾Ö´«µÝÃô¸ÐµÄƾ֤Êý¾Ý¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16673£º¶à¿îWeidmueller²úÆ·ÖдæÔÚ°²È«·ì϶ £¬£¬£¬£¬£¬£¬¸Ã·ì϶ԴÓÚ·¨Ê½½«ÃÜÂë´æ´¢ÎªÃ÷ÎÄ´ó¾Ö¡£¡£¡£ ¡£¡£¡£¡£ ¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶¶ÁÈ¡ÃÜÂë¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16674£º¶à¿îWeidmueller²úÆ·ÖдæÔÚ°²È«·ì϶¡£¡£¡£ ¡£¡£¡£¡£ ¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶²Â²â³öcookieÖеÄÉí·ÝÑéÖ¤ÐÅÏ¢¡£¡£¡£ ¡£¡£¡£¡£ ¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£ ¡£¡£¡£¡£ ¡£


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶ £¬£¬£¬£¬£¬£¬ÏêÇéÇë¹Ø×¢³§ÉÌÖ÷Ò³£º

https://www.weidmueller.com¡£¡£¡£ ¡£¡£¡£¡£ ¡£


»º½â´ëÊ©£º


CVE-2019-16672:


IE-SW-VL05MºÍIE-SW-VL08MTϵÁл¥»»»ú£º


×°Öý¨²¹¹Ì¼þºó £¬£¬£¬£¬£¬£¬Äܹ»Ê¹ÓÃhttpsͨ¹ý¼ÓÃÜͨѶ½Ó¼ûWeb½çÃæ £¬£¬£¬£¬£¬£¬²¢ÇÒÄܹ»Í¨¹ýÑ¡Ôñ¡°½öhttps¡±½«Web½çÃæ½Ó¼ûÅäÖÃΪȷ±£¼ÓÃÜÏνӡ£¡£¡£ ¡£¡£¡£¡£ ¡£¿£¿£¿ £¿£¿£Äܹ»Í¨¹ýÒÔÏÂõ辶½Ó¼û´ËÉèÖõÄÏàÓ¦Web½çÃæ²Ëµ¥²¿ÃÅ£ºÖ÷²Ëµ¥>¸ù»ùÉèÖÃ>ϵͳ£º½«¡° WebÅäÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£ ¡£¡£¡£¡£ ¡£


IE-SW-PL08M £¬£¬£¬£¬£¬£¬IE-SW-PL10M £¬£¬£¬£¬£¬£¬IE-SW-PL16M £¬£¬£¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁл¥»»»ú£º


ͨ¹ýÑ¡Ôñ¡°½öhttps¡± £¬£¬£¬£¬£¬£¬Äܹ»ÅäÖÃWeb½çÃæ½Ó¼ûÒÔÈ·±£¼ÓÃÜÏνӡ£¡£¡£ ¡£¡£¡£¡£ ¡£¿£¿£¿ £¿£¿£Äܹ»Í¨¹ýÒÔÏÂõ辶½Ó¼û´ËÉèÖõÄÏàÓ¦Web½çÃæ²Ëµ¥²¿ÃÅ£ºÖ÷²Ëµ¥>¸ù»ùÉèÖÃ>ϵͳ£º½«¡° WebÅäÖá±ÉèÖÃΪ¡°½öhttps¡±¡£¡£¡£ ¡£¡£¡£¡£ ¡£


CVE-2019-16670, CVE-2019-16671, CVE-2019-16673, and CVE-2019-16674:


IE-SW-VL05M £¬£¬£¬£¬£¬£¬IE-SW-VL08MT £¬£¬£¬£¬£¬£¬IE-SW-PL08M £¬£¬£¬£¬£¬£¬IE-SW-PL10M £¬£¬£¬£¬£¬£¬IE-SW-PL16M £¬£¬£¬£¬£¬£¬IE-SW-PL18MºÍIE-SW-PL09MϵÁл¥»»»ú£º


ÔÚ»¥»»»úÉÏ×°Öò¹¶¡¹Ì¼þºó £¬£¬£¬£¬£¬£¬Äܹ»Í¨¹ýÓÃÓÚWindows OSµÄÃûΪ¡° WM Switch Utility¡±µÄWeidmuellerÅäÖÃÈí¼þ½ûÓÃδ¼ÓÃܵÄËÑË÷·þÎñ £¬£¬£¬£¬£¬£¬²¢ÆôÓý«Óëеġ° Weidmueller Switch Configuration¡±Ò»Â·Ê¹ÓõļÓÃÜËÑË÷·þÎñ¡£¡£¡£ ¡£¡£¡£¡£ ¡£Ä¬ÈÏÇé¿öÏ £¬£¬£¬£¬£¬£¬ÕâÁ½ÖÖ·þÎñ£¨¼ÓÃܺÍδ¼ÓÃܵÄËÑË÷·þÎñ£©¶¼´¦ÓÚÆôÓÃ״̬¡£¡£¡£ ¡£¡£¡£¡£ ¡£ ΪԤ·À±¾½ÚÖÐÌáµ½µÄ·ì϶ £¬£¬£¬£¬£¬£¬Ó¦½ûÓÃδ¼ÓÃܵÄËÑË÷·þÎñ¡£¡£¡£ ¡£¡£¡£¡£ ¡£¿£¿£¿ £¿£¿£Äܹ»Í¨¹ýÒÔÏÂõ辶½Ó¼û´ËÉèÖõÄÏàÓ¦Web½çÃæ²Ëµ¥²¿ÃÅ£ºÖ÷²Ëµ¥>¸ù»ùÉèÖÃ>°²È«ÐÔ>ÖÎÀí½çÃ棺ȡµÞÑ¡ÖÓ×°ÆôÓÃËÑË÷·þÎñ¡±¸´Ñ¡¿ò¡£¡£¡£ ¡£¡£¡£¡£ ¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/weidmueller-patches-critical-vulnerabilities-industrial-switches