// For flags

CVE-2018-5441

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages.

Se ha descubierto un problema de validación indebida de valores de comprobación de integridad en PHOENIX CONTACT mGuard, en versiones de firmware 7.2 a 8.6.0. Los dispositivos mGuard dependen de sumas de verificación internas para verificar la integridad interna de los paquetes de actualización. La verificación podría no realizarse siempre correctamente, lo que permite que un atacante modifique paquetes de actualización de firmware.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-01-12 CVE Reserved
  • 2018-01-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-354: Improper Validation of Integrity Check Value
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Centerport Firmware
Search vendor "Phoenixcontact" for product "Mguard Centerport Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Centerport Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Centerport
Search vendor "Phoenixcontact" for product "Mguard Centerport"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Delta Tx\/tx Firmware
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Delta Tx\/tx
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Delta Tx\/tx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Delta Tx\/tx Vpn
Search vendor "Phoenixcontact" for product "Mguard Delta Tx\/tx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Gt\/gt Firmware
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Gt\/gt
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Gt\/gt Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Gt\/gt Vpn
Search vendor "Phoenixcontact" for product "Mguard Gt\/gt Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Pci4000 Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Pci4000 Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Pci4000 Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Pci4000 Vpn
Search vendor "Phoenixcontact" for product "Mguard Pci4000 Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Pcie4000 Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Pcie4000 Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Pcie4000 Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Pcie4000 Vpn
Search vendor "Phoenixcontact" for product "Mguard Pcie4000 Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 Tx\/tx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 Tx\/tx Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 Tx\/tx-b Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx-b Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx-b Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 Tx\/tx-b
Search vendor "Phoenixcontact" for product "Mguard Rs2000 Tx\/tx-b"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2005 Tx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs2005 Tx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs2005 Tx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2005 Tx Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs2005 Tx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx Vpn-m Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn-m Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn-m Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx Vpn-m
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx Vpn-m"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx-p Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx-p Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx-p Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 Tx\/tx-p
Search vendor "Phoenixcontact" for product "Mguard Rs4000 Tx\/tx-p"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4004 Tx\/dtx Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4004 Tx\/dtx
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4004 Tx\/dtx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4004 Tx\/dtx Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs4004 Tx\/dtx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Smart2 Firmware
Search vendor "Phoenixcontact" for product "Mguard Smart2 Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Smart2 Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Smart2
Search vendor "Phoenixcontact" for product "Mguard Smart2"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Smart2 Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Smart2 Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Smart2 Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Smart2 Vpn
Search vendor "Phoenixcontact" for product "Mguard Smart2 Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 3g Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs2000 3g Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs2000 3g Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 3g Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs2000 3g Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 3g Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 3g Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 3g Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 3g Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs4000 3g Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Core Tx Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Core Tx Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Core Tx Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Core Tx Vpn
Search vendor "Phoenixcontact" for product "Mguard Core Tx Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 4g Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs2000 4g Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs2000 4g Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs2000 4g Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs2000 4g Vpn"
--
Safe
Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 4g Vpn Firmware
Search vendor "Phoenixcontact" for product "Mguard Rs4000 4g Vpn Firmware"
>= 7.2.0 <= 8.6.0
Search vendor "Phoenixcontact" for product "Mguard Rs4000 4g Vpn Firmware" and version " >= 7.2.0 <= 8.6.0"
-
Affected
in Phoenixcontact
Search vendor "Phoenixcontact"
Mguard Rs4000 4g Vpn
Search vendor "Phoenixcontact" for product "Mguard Rs4000 4g Vpn"
--
Safe