PHOENIX CONTACT: Security Advisory for FL COMSERVER UNI

Plan Patch | CVSS 7.5 | VDE-2021-022 | Jun 23, 2021
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

When a communication partner sends an invalid Modbus exception response to the FL COMSERVER UNI, the device stops processing Modbus communications and becomes unresponsive for several minutes until it recovers automatically (CWE-772: improper resource validation). A single malformed response packet triggers the vulnerability, which is rated CVSS 7.5 (high severity) because of its availability impact on operational networks.

What this means
What could happen
An attacker sending a specially crafted invalid Modbus response can cause the FL COMSERVER UNI to stop responding to communications for several minutes, effectively blocking remote data collection and device control until it automatically recovers.
Who's at risk
Water treatment plants, wastewater systems, power distribution utilities, and other facilities using Phoenix Contact FL COMSERVER UNI devices for remote Modbus communications with sensors, meters, or control devices. Operators rely on these devices to exchange data with remote equipment; denial of service interrupts visibility and control.
How it could be exploited
An attacker on the network sends an invalid Modbus exception response to the FL COMSERVER UNI. The device receives this malformed response, stops processing Modbus communications, and becomes unresponsive until it automatically restarts communication after several minutes. No authentication is required; the attacker only needs network access to the device's Modbus port.
Prerequisites
  • Network access to the FL COMSERVER UNI on its Modbus port (typically TCP port 502 or UDP port 502)
  • Ability to intercept or send network packets to the device (on-network position)
  • Knowledge of or ability to craft invalid Modbus exception responses
remotely exploitable | no authentication required | low complexity | affects operational communications
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
FL COMSERVER UNI 232/422/485 | <2.40 | 2.41
FL COMSERVER UNI 232/422/485-T | <2.40 | 2.41
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the FL COMSERVER UNI to trusted sources only using firewall rules; limit incoming connections on Modbus ports (502 TCP/UDP) to known communication partners
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

FL COMSERVER UNI 232/422/485
HOTFIX: Update FL COMSERVER UNI 232/422/485 and FL COMSERVER UNI 232/422/485-T to firmware version 2.41 or later
Long-term hardening
HARDENING: Segment the FL COMSERVER UNI onto a protected network or VLAN separate from untrusted networks and the Internet
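
One way to check that the access-restriction workaround is actually in effect, as an added example (not part of the advisory or any Phoenix Contact tooling): audit flow records for Modbus traffic (port 502, TCP or UDP, in either direction) between the device and any peer that is not a known communication partner. The device address, partner list, record format and sample records are constructed assumptions.

```python
import ipaddress

MODBUS_PORT = 502
# Assumed values for illustration: the device address and its known partners.
DEVICE = ipaddress.ip_address("192.0.2.10")
KNOWN_PARTNERS = [ipaddress.ip_network(n) for n in ("192.0.2.20/32", "192.0.2.32/29")]

# Constructed flow records (assumed format): time,proto,src,sport,dst,dport
SAMPLE_FLOWS = """\
2021-06-23T08:00:01Z,tcp,192.0.2.20,49152,192.0.2.10,502
2021-06-23T08:00:05Z,udp,192.0.2.35,50000,192.0.2.10,502
2021-06-23T08:01:12Z,tcp,198.51.100.7,40111,192.0.2.10,502
2021-06-23T08:02:30Z,udp,203.0.113.9,502,192.0.2.10,51000
2021-06-23T08:03:00Z,tcp,192.0.2.10,51515,192.0.2.20,502
2021-06-23T08:04:44Z,tcp,198.51.100.7,40200,192.0.2.10,80
not,a,valid,record
"""

def is_known(addr):
    """True if addr falls inside any allowlisted partner network."""
    return any(addr in net for net in KNOWN_PARTNERS)

def audit_flows(text):
    """Return (violations, unparsed) for Modbus flows that involve DEVICE."""
    violations, unparsed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            ts, proto, src, sport, dst, dport = line.split(",")
            src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            sport, dport = int(sport), int(dport)
        except ValueError:
            unparsed.append(line)  # keep bad records visible instead of dropping them
            continue
        # Only Modbus traffic (either side on port 502) that touches the device matters.
        if proto not in ("tcp", "udp") or MODBUS_PORT not in (sport, dport):
            continue
        if DEVICE not in (src, dst):
            continue
        peer = dst if src == DEVICE else src
        if not is_known(peer):
            violations.append((ts, proto, str(peer), sport, dport))
    return violations, unparsed

if __name__ == "__main__":
    bad, junk = audit_flows(SAMPLE_FLOWS)
    for v in bad:
        print("unlisted Modbus peer:", v)
    print("unparsed records:", len(junk))
```

Any reported flow means the firewall rules or segmentation still let an unlisted host exchange Modbus traffic with the device.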