Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2024-2079
Vulnerability from csaf_certbund - Published: 2024-09-09 22:00 - Updated: 2026-05-07 22:00Summary
Phoenix Contact FL MGUARD: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Produkte der FL MGUARD Reihe sind Fernwartungs-Router für Industrieanlagen.
Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Phoenix Contact FL MGUARD ausnutzen, um seine Privilegien zu erhöhen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - BIOS/Firmware
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Phoenix Contact FL MGUARD <10.4.1
Phoenix Contact / FL MGUARD
|
<10.4.1 | ||
|
Phoenix Contact FL MGUARD <8.9.3
Phoenix Contact / FL MGUARD
|
<8.9.3 |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Produkte der FL MGUARD Reihe sind Fernwartungs-Router f\u00fcr Industrieanlagen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Phoenix Contact FL MGUARD ausnutzen, um seine Privilegien zu erh\u00f6hen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2079 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2079.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2079 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2079"
},
{
"category": "external",
"summary": "Phoenix Contact Advisory vom 2024-09-09",
"url": "https://certvde.com/de/advisories/VDE-2024-052/"
},
{
"category": "external",
"summary": "Phoenix Contact Advisory vom 2024-09-09",
"url": "https://certvde.com/de/advisories/VDE-2024-039/"
}
],
"source_lang": "en-US",
"title": "Phoenix Contact FL MGUARD: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-07T22:00:00.000+00:00",
"generator": {
"date": "2026-05-08T10:11:02.265+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-2079",
"initial_release_date": "2024-09-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-07T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2024-55567"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c8.9.3",
"product_id": "T037369"
}
},
{
"category": "product_version",
"name": "8.9.3",
"product": {
"name": "Phoenix Contact FL MGUARD 8.9.3",
"product_id": "T037369-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:8.9.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD \u003c10.4.1",
"product_id": "T037370"
}
},
{
"category": "product_version",
"name": "10.4.1",
"product": {
"name": "Phoenix Contact FL MGUARD 10.4.1",
"product_id": "T037370-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:phoenixcontact:fl_mguard:10.4.1"
}
}
}
],
"category": "product_name",
"name": "FL MGUARD"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43384",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43384"
},
{
"cve": "CVE-2024-43385",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43385"
},
{
"cve": "CVE-2024-43386",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43386"
},
{
"cve": "CVE-2024-43387",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43387"
},
{
"cve": "CVE-2024-43388",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43388"
},
{
"cve": "CVE-2024-43389",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43389"
},
{
"cve": "CVE-2024-43390",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43390"
},
{
"cve": "CVE-2024-43391",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43391"
},
{
"cve": "CVE-2024-43392",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43392"
},
{
"cve": "CVE-2024-43393",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-43393"
},
{
"cve": "CVE-2024-7698",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-7698"
},
{
"cve": "CVE-2024-7699",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-7699"
},
{
"cve": "CVE-2024-7734",
"product_status": {
"known_affected": [
"T037370",
"T037369"
]
},
"release_date": "2024-09-09T22:00:00.000+00:00",
"title": "CVE-2024-7734"
}
]
}
CVE-2024-43384 (GCVE-0-2024-43384)
Vulnerability from cvelistv5 – Published: 2026-05-07 08:37 – Updated: 2026-05-07 14:32
VLAI
EPSS
Title
Phoenix Contact: Improper removal of sensitive information in MGUARD products
Summary
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-07T14:32:17.955380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T14:32:39.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can gain\u0026nbsp;the root password due to improper removal of sensitive information before storage or transfer.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can gain\u00a0the root password due to improper removal of sensitive information before storage or transfer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T08:37:04.384Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Improper removal of sensitive information in MGUARD products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43384",
"datePublished": "2026-05-07T08:37:04.384Z",
"dateReserved": "2024-08-12T08:30:16.359Z",
"dateUpdated": "2026-05-07T14:32:39.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-43385 (GCVE-0-2024-43385)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
VLAI
EPSS
Title
Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
39 products
| Vendor | Product | Version | |
|---|---|---|---|
| PHOENIX CONTACT | FL MGUARD 2102 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 2105 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCI |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCIE |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4302 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4305 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CENTERPORT VPN-1000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX-B |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2005 TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-M |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-P |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| phoenixcontact | fl_mguard_smart2_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | fl_mguard_4305_firmware |
Affected:
0 , < 10.4.1
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* |
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:25:23.534617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:25:30.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the\u0026nbsp;execution of arbitrary OS commands as root due to improper neutralization of special elements in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe variable PROXY_HTTP_PORT in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emGuard devices.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78:Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:25.556Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OS command execution through PROXY_HTTP_PORT in\u00a0mGuard devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43385",
"datePublished": "2024-09-10T08:43:25.556Z",
"dateReserved": "2024-08-12T08:30:16.359Z",
"dateUpdated": "2024-09-10T14:25:30.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43386 (GCVE-0-2024-43386)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
VLAI
EPSS
Title
Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
Summary
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
39 products
| Vendor | Product | Version | |
|---|---|---|---|
| PHOENIX CONTACT | FL MGUARD 2102 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 2105 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCI |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCIE |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4302 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4305 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CENTERPORT VPN-1000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX-B |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2005 TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-M |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-P |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| phoenixcontact | fl_mguard_smart2_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | fl_mguard_4305_firmware |
Affected:
0 , < 10.4.1
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* |
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:25:00.255471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:25:13.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u0026nbsp;mGuard devices.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:41.392Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in\u00a0mGuard devices.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43386",
"datePublished": "2024-09-10T08:43:41.392Z",
"dateReserved": "2024-08-12T08:30:16.359Z",
"dateUpdated": "2024-09-10T14:25:13.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43387 (GCVE-0-2024-43387)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:22
VLAI
EPSS
Title
Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
Summary
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
39 products
| Vendor | Product | Version | |
|---|---|---|---|
| PHOENIX CONTACT | FL MGUARD 2102 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 2105 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCI |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCIE |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4302 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4305 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CENTERPORT VPN-1000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX-B |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2005 TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-M |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-P |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| phoenixcontact | fl_mguard_smart2_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | fl_mguard_4305_firmware |
Affected:
0 , < 10.4.1
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* |
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:22:29.653702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:22:52.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T08:43:54.155Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43387",
"datePublished": "2024-09-10T08:43:54.155Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2024-09-10T14:22:52.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43388 (GCVE-0-2024-43388)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:22
VLAI
EPSS
Title
Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
Summary
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
39 products
| Vendor | Product | Version | |
|---|---|---|---|
| PHOENIX CONTACT | FL MGUARD 2102 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 2105 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCI |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4102 PCIE |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4302 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD 4305 |
Affected:
0 , < 10.4.1
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CENTERPORT VPN-1000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD CORE TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD DELTA TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD GT/GT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCI4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD PCIE4000 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX-B |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS2005 TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-M |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX-P |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4000 TX/TX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD RS4004 TX/DTX VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | FL MGUARD SMART2 VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS2000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 3G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G ATT VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| PHOENIX CONTACT | TC MGUARD RS4000 4G VZW VPN |
Affected:
0 , < 8.9.3
(semver)
|
|
| phoenixcontact | fl_mguard_smart2_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | fl_mguard_4305_firmware |
Affected:
0 , < 10.4.1
(semver)
cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:* |
|
| phoenixcontact | tc_mguard_rs4000_4g_vzw_vpn_firmware |
Affected:
0 , < 8.9.3
(semver)
cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:* |
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_smart2_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fl_mguard_4305_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
"cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
"vendor": "phoenixcontact",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:46:11.213014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:17:49.005Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:22:30.968Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43388",
"datePublished": "2024-09-10T08:44:06.550Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:22:30.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43389 (GCVE-0-2024-43389)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
VLAI
EPSS
Title
Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
Summary
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:32.088676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:44:29.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.\u003c/p\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:23:04.328Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43389",
"datePublished": "2024-09-10T08:44:19.337Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:23:04.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43390 (GCVE-0-2024-43390)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
VLAI
EPSS
Title
Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:23.510390Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:44:10.735Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:23:31.974Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43390",
"datePublished": "2024-09-10T08:44:30.792Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:23:31.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43391 (GCVE-0-2024-43391)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:31
VLAI
EPSS
Title
Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43391",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:43:11.993032Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:43:56.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u0026nbsp;through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:31:58.682Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43391",
"datePublished": "2024-09-10T08:44:42.576Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:31:58.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43392 (GCVE-0-2024-43392)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:32
VLAI
EPSS
Title
Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43392",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:31:18.258271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:31:26.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u0026nbsp;FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:32:27.638Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43392",
"datePublished": "2024-09-10T08:44:56.166Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:32:27.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43393 (GCVE-0-2024-43393)
Vulnerability from cvelistv5 – Published: 2024-09-10 08:45 – Updated: 2025-08-22 06:32
VLAI
EPSS
Title
Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
Summary
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
36 products
Credits
Andrea Palanca
Nozomi Networks Security Research Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:30:58.571512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:31:09.684Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2102",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 2105",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCI",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4102 PCIE",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4302",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD 4305",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "10.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CENTERPORT VPN-1000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD CORE TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD DELTA TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD GT/GT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCI4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD PCIE4000 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX-B",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS2005 TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-M",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX-P",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4000 TX/TX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD RS4004 TX/DTX VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FL MGUARD SMART2 VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS2000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 3G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G ATT VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TC MGUARD RS4000 4G VZW VPN",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "8.9.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Andrea Palanca"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nozomi Networks Security Research Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-22T06:32:56.194Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-039"
}
],
"source": {
"advisory": "VDE-2024-039",
"defect": [
"CERT@VDE#641656"
],
"discovery": "UNKNOWN"
},
"title": "Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-43393",
"datePublished": "2024-09-10T08:45:10.306Z",
"dateReserved": "2024-08-12T08:30:16.360Z",
"dateUpdated": "2025-08-22T06:32:56.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…