CVE-2023-37857

EUVD-2023-41731
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies.  These session-cookies created by the attacker are not sufficient to obtain a valid session on the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.8 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
CERTVDECNA
3.8 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
phoenixcontactwp_6070-wvps_firmware
𝑥
< 4.0.10
phoenixcontactwp_6101-wxps_firmware
𝑥
< 4.0.10
phoenixcontactwp_6121-wxps_firmware
𝑥
< 4.0.10
phoenixcontactwp_6156-whps_firmware
𝑥
< 4.0.10
phoenixcontactwp_6185-whps_firmware
𝑥
< 4.0.10
phoenixcontactwp_6215-whps_firmware
𝑥
< 4.0.10
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2023-018/
https://cert.vde.com/en/advisories/VDE-2023-018/