CVE-2024-43390
Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
Severity Score
8.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
*Credits:
Andrea Palanca, Nozomi Networks Security Research Team
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-08-12 CVE Reserved
- 2024-09-10 CVE Published
- 2024-09-28 EPSS Updated
- 2024-10-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://cert.vde.com/en/advisories/VDE-2024-039 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 2102 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 2102" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 2102" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 2105 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 2105" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 2105" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 4102 PCI Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4102 PCI" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4102 PCI" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 4102 PCIE Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4102 PCIE" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4102 PCIE" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 4302 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4302" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4302" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD 4305 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4305" | < 10.4.1 Search vendor "PHOENIX CONTACT" for product "FL MGUARD 4305" and version " < 10.4.1" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD CENTERPORT VPN-1000 Search vendor "PHOENIX CONTACT" for product "FL MGUARD CENTERPORT VPN-1000" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD CENTERPORT VPN-1000" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD CORE TX Search vendor "PHOENIX CONTACT" for product "FL MGUARD CORE TX" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD CORE TX" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD CORE TX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD CORE TX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD CORE TX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD DELTA TX/TX Search vendor "PHOENIX CONTACT" for product "FL MGUARD DELTA TX/TX" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD DELTA TX/TX" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD DELTA TX/TX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD DELTA TX/TX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD DELTA TX/TX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD GT/GT Search vendor "PHOENIX CONTACT" for product "FL MGUARD GT/GT" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD GT/GT" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD GT/GT VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD GT/GT VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD GT/GT VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD PCI4000 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCI4000" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCI4000" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD PCI4000 VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCI4000 VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCI4000 VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD PCIE4000 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCIE4000" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCIE4000" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD PCIE4000 VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCIE4000 VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD PCIE4000 VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS2000 TX/TX-B Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2000 TX/TX-B" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2000 TX/TX-B" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS2000 TX/TX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2000 TX/TX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2000 TX/TX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS2005 TX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2005 TX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS2005 TX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4000 TX/TX Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4000 TX/TX-M Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX-M" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX-M" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4000 TX/TX-P Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX-P" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX-P" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4000 TX/TX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4000 TX/TX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4004 TX/DTX Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4004 TX/DTX" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4004 TX/DTX" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD RS4004 TX/DTX VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4004 TX/DTX VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD RS4004 TX/DTX VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD SMART2 Search vendor "PHOENIX CONTACT" for product "FL MGUARD SMART2" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD SMART2" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | FL MGUARD SMART2 VPN Search vendor "PHOENIX CONTACT" for product "FL MGUARD SMART2 VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "FL MGUARD SMART2 VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS2000 3G VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 3G VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 3G VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS2000 4G ATT VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G ATT VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G ATT VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS2000 4G VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS2000 4G VZW VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G VZW VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS2000 4G VZW VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS4000 3G VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 3G VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 3G VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS4000 4G ATT VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G ATT VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G ATT VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS4000 4G VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G VPN" and version " < 8.9.3" | en |
Affected
| ||||||
PHOENIX CONTACT Search vendor "PHOENIX CONTACT" | TC MGUARD RS4000 4G VZW VPN Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G VZW VPN" | < 8.9.3 Search vendor "PHOENIX CONTACT" for product "TC MGUARD RS4000 4G VZW VPN" and version " < 8.9.3" | en |
Affected
|