Phoenix Contact FL SWITCH Multiple Vulnerabilities

CERT-Bund has released advisory WID-SEC-2026-0765 detailing multiple critical vulnerabilities affecting Phoenix Contact FL SWITCH industrial network switches, specifically models 2xxx, TSN 23xx, and 59xx with firmware versions below 3.53. These vulnerabilities, with a CVSS Base Score of 7.2, can be exploited by remote attackers (authenticated or anonymous) to execute arbitrary code with administrator privileges, cause a denial-of-service, perform cross-site scripting attacks, or manipulate data.

Organizations utilizing these affected Phoenix Contact FL SWITCH devices should immediately review the advisory and apply available mitigation strategies. This includes updating firmware to a secure version or implementing compensating controls to prevent exploitation. Failure to address these vulnerabilities could lead to significant operational disruptions and security breaches within industrial control systems. The advisory indicates that mitigation is available, and users should consult the provided links for specific guidance and version history.