Advisory (ICSA-16-313-01) from the Department of Homeland Security


The vulnerabilities were found on a Phoenix ILC150ETH PLC, but concerns all PLCs using a SPIDER web server. For more information feel free to contact me.


  • ICSA-313-01
  • CVEs:

  • CVE-2016-8366
  • CVE-2016-8371
  • CVE-2016-8380
  • Thanks to Michael Kapfer for the evaluation the vulnerabilities and Phoenix Contacts for the great response.

    Leave a Reply

    Your email address will not be published. Required fields are marked *


    eighteen − 10 =

    This site uses Akismet to reduce spam. Learn how your comment data is processed.