Pepperl+Fuchs Profinet Gateway LB8122A.1.EL SNMP Information Disclosure Vulnerability Triggering Device Reboot

Vulnerability

A vulnerability in the Pepperl+Fuchs Profinet Gateway LB8122A.1.EL allows unauthenticated remote attackers to access information about running processes via the SNMP protocol. This information retrieval can be used to trigger a device reboot through the watchdog mechanism. The vulnerability is present in firmware versions prior to 1.3.13.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure about running processes, with the potential to cause a device reboot.

Remediation

Users are advised to update to firmware version 1.3.13. The web server is off by default and can only be activated via the gateway display for a duration of 5 minutes. Ensure that only authorized personnel have access to the gateway, and operate it in an isolated network environment.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 6.0
exploitability: 7.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.