Phoenix Contact, a German electrical engineering and automation company, has disclosed four vulnerabilities in FL SWITCH industrial switches. These devices are used for automation at digital substations and in oil and gas, maritime, and other industries. The vulnerabilities were discovered by Positive Technologies experts Vyacheslav Moskvin, Semyon Sokolov, Evgeny Druzhinin, Ilya Karpov, and Georgy Zaytsev. The most hazardous of the vulnerabilities is CVE-2018-10730 (CVSS base score 9.1), which enables an attacker to run arbitrary commands...
Read more