The NCCIC has published an advisory on a command injection vulnerability in Phoenix Contact RAD-80211-XD. RAD-80211-XD (2885728) and RAD-80211-XD/HP-BUS (2900047) are affected. Successful exploitation of this vulnerability could allow an attacker to execute system level commands with administrative privileges. Phoenix Contact recommends a series of measures to mitigate this vulnerability. The NCCIC also offers a series of measures to address this vulnerability. Read the advisory at NCCIC/ICS-CERT.