Security Advisory
PHOENIX CONTACT’s RAD-ISM-900-EN-BD Devices
Risk Information
Limited Threat
CVE ID
CVE-2022-29898
CVE-2022-29897
Vunerability Type
RCE and Unrestricted File Upload via Configuration Uploader
RCE via Traceroute Utility
CVSS3 Score
9.1
9.1
CVSSv3 Vector
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
Affecting
Mitigation
PHOENIX CONTACT states this family of products has reached End-of-Life and will not be patched.
05/11/2022