CVE-2018-13994

Name: CVE-2018-13994
Creator: NVD / NIST
Published: 2019-05-07T18:29:00.583+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.17%

Last modified Jun 17, 2026

CVE-2018-13994 is a vulnerability of currently unknown severity. The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.. EPSS estimates a 2.17% chance of exploitation in the next 30 days.

Description

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.

Metrics

EPSS Probability

2.17%

80.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-400

Affected Software

Vendor	Product	Versions
Phoenixcontact	Fl Switch 3005 Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3005t Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3004t-Fx Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3004t-Fx St Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3008 Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3008t Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3006t-2fx Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3006t-2fx St Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3012e-2sfx Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3016e Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3016 Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3016t Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3006t-2fx Sm Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4008t-2sfp Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4008t-2gt-4fx Sm Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4008t-2gt-3fx Sm Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx Lc-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx Sm-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx Sm St-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx St-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4808e-16fx Sm Lc-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4012t 2gt 2fx Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4012t-2gt-2fx St Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4824e-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4800e-24fx-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4800e-24fx Sm-4gc Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 3012e-2fx Sm Firmware	>= 1.0, <= 1.34
Phoenixcontact	Fl Switch 4000t-8poe-2sfp-R Firmware	>= 1.0, <= 1.34

References

http://www.securityfocus.com/bid/106737Third Party Advisory, VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02Third Party Advisory, US Government Resource, VDB Entry
http://www.securityfocus.com/bid/106737Third Party Advisory, VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02Third Party Advisory, US Government Resource, VDB Entry

Timeline

Published: May 7, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-13994?

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.

How severe is CVE-2018-13994?

Severity scoring for CVE-2018-13994 is pending analysis. The EPSS model estimates a 2.17% probability of exploitation in the next 30 days.

How do I fix CVE-2018-13994?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-13994?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST