Search

Find a vulnerability

Search criteria

    28 vulnerabilities found for TC MGUARD RS2000 4G VPN by PHOENIX CONTACT

    CVE-2024-43384 (GCVE-0-2024-43384)

    Vulnerability from nvd – Published: 2026-05-07 08:37 – Updated: 2026-05-07 14:32
    VLAI
    Title
    Phoenix Contact: Improper removal of sensitive information in MGUARD products
    Summary
    A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43384",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T14:32:17.955380Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T14:32:39.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can gain\u0026nbsp;the root password due to improper removal of sensitive information before storage or transfer.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can gain\u00a0the root password due to improper removal of sensitive information before storage or transfer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-212",
                  "description": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T08:37:04.384Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://certvde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Improper removal of sensitive information in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43384",
        "datePublished": "2026-05-07T08:37:04.384Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2026-05-07T14:32:39.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-7699 (GCVE-0-2024-7699)

    Vulnerability from nvd – Published: 2024-09-10 08:42 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution in MGUARD products
    Summary
    An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7699",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:49.250812Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:56.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:42:55.635Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7699",
        "datePublished": "2024-09-10T08:42:55.635Z",
        "dateReserved": "2024-08-12T08:30:25.190Z",
        "dateUpdated": "2024-09-10T14:25:56.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7698 (GCVE-0-2024-7698)

    Vulnerability from nvd – Published: 2024-09-10 08:42 – Updated: 2025-08-22 06:21
    VLAI
    Title
    Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
    Summary
    A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:51:37.470535Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T15:51:48.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can\u0026nbsp;get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can\u00a0get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:21:42.084Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7698",
        "datePublished": "2024-09-10T08:42:42.629Z",
        "dateReserved": "2024-08-12T08:30:23.906Z",
        "dateUpdated": "2025-08-22T06:21:42.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43393 (GCVE-0-2024-43393)

    Vulnerability from nvd – Published: 2024-09-10 08:45 – Updated: 2025-08-22 06:32
    VLAI
    Title
    Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:30:58.571512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:31:09.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP  environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP  environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:32:56.194Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43393",
        "datePublished": "2024-09-10T08:45:10.306Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:32:56.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43392 (GCVE-0-2024-43392)

    Vulnerability from nvd – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:32
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43392",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:31:18.258271Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:31:26.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u0026nbsp;FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP  environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP  environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:32:27.638Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration through the FW_environment variables  in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43392",
        "datePublished": "2024-09-10T08:44:56.166Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:32:27.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43391 (GCVE-0-2024-43391)

    Vulnerability from nvd – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:31
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43391",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:11.993032Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:43:56.307Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u0026nbsp;through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:31:58.682Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43391",
        "datePublished": "2024-09-10T08:44:42.576Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:31:58.682Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43390 (GCVE-0-2024-43390)

    Vulnerability from nvd – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43390",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:23.510390Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:44:10.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:23:31.974Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43390",
        "datePublished": "2024-09-10T08:44:30.792Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:23:31.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43389 (GCVE-0-2024-43389)

    Vulnerability from nvd – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
    VLAI
    Title
    Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43389",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:32.088676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:44:29.029Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.\u003c/p\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:23:04.328Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43389",
        "datePublished": "2024-09-10T08:44:19.337Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:23:04.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43388 (GCVE-0-2024-43388)

    Vulnerability from nvd – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:22
    VLAI
    Title
    Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43388",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:46:11.213014Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:17:49.005Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:22:30.968Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43388",
        "datePublished": "2024-09-10T08:44:06.550Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:22:30.968Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43387 (GCVE-0-2024-43387)

    Vulnerability from nvd – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:22
    VLAI
    Title
    Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
    Summary
    A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:22:29.653702Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:22:52.652Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:54.155Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43387",
        "datePublished": "2024-09-10T08:43:54.155Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2024-09-10T14:22:52.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43386 (GCVE-0-2024-43386)

    Vulnerability from nvd – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
    Summary
    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:00.255471Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:13.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u0026nbsp;mGuard devices.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:41.392Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in\u00a0mGuard devices.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43386",
        "datePublished": "2024-09-10T08:43:41.392Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2024-09-10T14:25:13.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43385 (GCVE-0-2024-43385)

    Vulnerability from nvd – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices
    Summary
    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43385",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:23.534617Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:30.320Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the\u0026nbsp;execution of arbitrary OS commands as root due to improper neutralization of special elements in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe variable PROXY_HTTP_PORT in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emGuard devices.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78:Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:25.556Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution through PROXY_HTTP_PORT in\u00a0mGuard devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43385",
        "datePublished": "2024-09-10T08:43:25.556Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2024-09-10T14:25:30.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7734 (GCVE-0-2024-7734)

    Vulnerability from nvd – Published: 2024-09-10 08:03 – Updated: 2024-09-10 16:00
    VLAI
    Title
    Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
    Summary
    An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7734",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:54:22.823770Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T16:00:45.691Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated remote attacker can\u0026nbsp;exploit the behavior of the\u0026nbsp;pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u0026nbsp;blocking of valid IPsec VPN peers.\u003cbr\u003e"
                }
              ],
              "value": "An unauthenticated remote attacker can\u00a0exploit the behavior of the\u00a0pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u00a0blocking of valid IPsec VPN peers."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:03:19.477Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-052"
            }
          ],
          "source": {
            "advisory": "VDE-2024-052",
            "defect": [
              "CERT@VDE#641676"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7734",
        "datePublished": "2024-09-10T08:03:19.477Z",
        "dateReserved": "2024-08-13T12:52:12.930Z",
        "dateUpdated": "2024-09-10T16:00:45.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-3480 (GCVE-0-2022-3480)

    Vulnerability from nvd – Published: 2022-11-15 10:58 – Updated: 2025-04-29 20:13
    VLAI
    Title
    Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family
    Summary
    A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD CENTERPORT Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    Date Public
    2022-11-15 09:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:14:01.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T20:13:37.379872Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T20:13:45.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2022-11-15T09:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eby sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-15T10:58:25.780Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to firmware version \u0026gt;= 8.9.0"
                }
              ],
              "value": "Upgrade to firmware version \u003e= 8.9.0"
            }
          ],
          "source": {
            "advisory": "VDE-2022-051",
            "defect": [
              "CERT@VDE#64261"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2022-3480",
        "datePublished": "2022-11-15T10:58:25.780Z",
        "dateReserved": "2022-10-13T07:49:46.094Z",
        "dateUpdated": "2025-04-29T20:13:45.498Z",
        "requesterUserId": "a1e5283b-8f0d-401e-98b2-bc6219c0e8d1",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43384 (GCVE-0-2024-43384)

    Vulnerability from cvelistv5 – Published: 2026-05-07 08:37 – Updated: 2026-05-07 14:32
    VLAI
    Title
    Phoenix Contact: Improper removal of sensitive information in MGUARD products
    Summary
    A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43384",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T14:32:17.955380Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T14:32:39.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can gain\u0026nbsp;the root password due to improper removal of sensitive information before storage or transfer.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can gain\u00a0the root password due to improper removal of sensitive information before storage or transfer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-212",
                  "description": "CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T08:37:04.384Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://certvde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Improper removal of sensitive information in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43384",
        "datePublished": "2026-05-07T08:37:04.384Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2026-05-07T14:32:39.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-43393 (GCVE-0-2024-43393)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:45 – Updated: 2025-08-22 06:32
    VLAI
    Title
    Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:30:58.571512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:31:09.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP  environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP  environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:32:56.194Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43393",
        "datePublished": "2024-09-10T08:45:10.306Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:32:56.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43392 (GCVE-0-2024-43392)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:32
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43392",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:31:18.258271Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:31:26.163Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u0026nbsp;FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP  environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the\u00a0FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP  environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:32:27.638Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration through the FW_environment variables  in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43392",
        "datePublished": "2024-09-10T08:44:56.166Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:32:27.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43391 (GCVE-0-2024-43391)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:31
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43391",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:11.993032Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:43:56.307Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u0026nbsp;through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT\u00a0through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:31:58.682Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43391",
        "datePublished": "2024-09-10T08:44:42.576Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:31:58.682Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43390 (GCVE-0-2024-43390)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
    VLAI
    Title
    Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43390",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:23.510390Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:44:10.735Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:23:31.974Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43390",
        "datePublished": "2024-09-10T08:44:30.792Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:23:31.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43389 (GCVE-0-2024-43389)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:23
    VLAI
    Title
    Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43389",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:43:32.088676Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:44:29.029Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.\u003c/p\u003e"
                }
              ],
              "value": "A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:23:04.328Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OSPF reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43389",
        "datePublished": "2024-09-10T08:44:19.337Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:23:04.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43388 (GCVE-0-2024-43388)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:44 – Updated: 2025-08-22 06:22
    VLAI
    Title
    Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices
    Summary
    A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43388",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:46:11.213014Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:17:49.005Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:22:30.968Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43388",
        "datePublished": "2024-09-10T08:44:06.550Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2025-08-22T06:22:30.968Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43387 (GCVE-0-2024-43387)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:22
    VLAI
    Title
    Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices
    Summary
    A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:22:29.653702Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:22:52.652Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:54.155Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Access files due to improper neutralization of special elements in MGUARD devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43387",
        "datePublished": "2024-09-10T08:43:54.155Z",
        "dateReserved": "2024-08-12T08:30:16.360Z",
        "dateUpdated": "2024-09-10T14:22:52.652Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43386 (GCVE-0-2024-43386)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in mGuard devices.
    Summary
    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:00.255471Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:13.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u0026nbsp;mGuard devices.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL_NOTIFICATION.TO in\u00a0mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:41.392Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution through EMAIL_NOTIFICATION.TO in\u00a0mGuard devices.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43386",
        "datePublished": "2024-09-10T08:43:41.392Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2024-09-10T14:25:13.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-43385 (GCVE-0-2024-43385)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:43 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution through PROXY_HTTP_PORT in mGuard devices
    Summary
    A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-43385",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:23.534617Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:30.320Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can trigger the\u0026nbsp;execution of arbitrary OS commands as root due to improper neutralization of special elements in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe variable PROXY_HTTP_PORT in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emGuard devices.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can trigger the\u00a0execution of arbitrary OS commands as root due to improper neutralization of special elements in\u00a0the variable PROXY_HTTP_PORT in\u00a0mGuard devices."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78:Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:43:25.556Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution through PROXY_HTTP_PORT in\u00a0mGuard devices",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-43385",
        "datePublished": "2024-09-10T08:43:25.556Z",
        "dateReserved": "2024-08-12T08:30:16.359Z",
        "dateUpdated": "2024-09-10T14:25:30.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7699 (GCVE-0-2024-7699)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:42 – Updated: 2024-09-10 14:25
    VLAI
    Title
    Phoenix Contact: OS command execution in MGUARD products
    Summary
    An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7699",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T14:25:49.250812Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T14:25:56.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:42:55.635Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: OS command execution in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7699",
        "datePublished": "2024-09-10T08:42:55.635Z",
        "dateReserved": "2024-08-12T08:30:25.190Z",
        "dateUpdated": "2024-09-10T14:25:56.498Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7698 (GCVE-0-2024-7698)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:42 – Updated: 2025-08-22 06:21
    VLAI
    Title
    Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products
    Summary
    A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Insertion of Sensitive Information Into Sent Data
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    Credits
    Andrea Palanca Nozomi Networks Security Research Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:51:37.470535Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T15:51:48.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Andrea Palanca"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Nozomi Networks Security Research Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA low privileged remote attacker can\u0026nbsp;get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A low privileged remote attacker can\u00a0get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-22T06:21:42.084Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-039"
            }
          ],
          "source": {
            "advisory": "VDE-2024-039",
            "defect": [
              "CERT@VDE#641656"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Access to CSRF tokens of higher privileged users in MGUARD products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7698",
        "datePublished": "2024-09-10T08:42:42.629Z",
        "dateReserved": "2024-08-12T08:30:23.906Z",
        "dateUpdated": "2025-08-22T06:21:42.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-7734 (GCVE-0-2024-7734)

    Vulnerability from cvelistv5 – Published: 2024-09-10 08:03 – Updated: 2024-09-10 16:00
    VLAI
    Title
    Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.
    Summary
    An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD 2102 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 2105 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCI Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4102 PCIE Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4302 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD 4305 Affected: 0 , < 10.4.1 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.3 (semver)
    Create a notification for this product.
    phoenixcontact fl_mguard_smart2_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:-:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact fl_mguard_4305_firmware Affected: 0 , < 10.4.1 (semver)
        cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware Affected: 0 , < 8.9.3 (semver)
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*
        cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_centerport_vpn-1000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-m_firmware:-:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_smart2_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2102_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_2105_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pcie_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4102_pci_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4302_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:fl_mguard_4305_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "fl_mguard_4305_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "10.4.1",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
                  "cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tc_mguard_rs4000_4g_vzw_vpn_firmware",
                "vendor": "phoenixcontact",
                "versions": [
                  {
                    "lessThan": "8.9.3",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-7734",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T15:54:22.823770Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T16:00:45.691Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2102",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 2105",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCI",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4102 PCIE",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4302",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD 4305",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "10.4.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An unauthenticated remote attacker can\u0026nbsp;exploit the behavior of the\u0026nbsp;pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u0026nbsp;blocking of valid IPsec VPN peers.\u003cbr\u003e"
                }
              ],
              "value": "An unauthenticated remote attacker can\u00a0exploit the behavior of the\u00a0pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to\u00a0blocking of valid IPsec VPN peers."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T08:03:19.477Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2024-052"
            }
          ],
          "source": {
            "advisory": "VDE-2024-052",
            "defect": [
              "CERT@VDE#641676"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors.",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2024-7734",
        "datePublished": "2024-09-10T08:03:19.477Z",
        "dateReserved": "2024-08-13T12:52:12.930Z",
        "dateUpdated": "2024-09-10T16:00:45.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-3480 (GCVE-0-2022-3480)

    Vulnerability from cvelistv5 – Published: 2022-11-15 10:58 – Updated: 2025-04-29 20:13
    VLAI
    Title
    Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family
    Summary
    A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    References
    Impacted products
    Vendor Product Version
    PHOENIX CONTACT FL MGUARD CENTERPORT Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD CORE TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD GT/GT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCI4000 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD PCIE4000 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS2005 TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT FL MGUARD SMART2 VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 3G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G ATT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS2000 4G VZW VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 3G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G ATT VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    PHOENIX CONTACT TC MGUARD RS4000 4G VZW VPN Affected: 0 , < 8.9.0 (semver)
    Create a notification for this product.
    Date Public
    2022-11-15 09:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:14:01.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T20:13:37.379872Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T20:13:45.498Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CENTERPORT VPN-1000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD CORE TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD DELTA TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD GT/GT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCI4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD PCIE4000 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX-B",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS2005 TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-M",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX-P",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4000 TX/TX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD RS4004 TX/DTX VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "FL MGUARD SMART2 VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS2000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 3G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G ATT VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "TC MGUARD RS4000 4G VZW VPN",
              "vendor": "PHOENIX CONTACT",
              "versions": [
                {
                  "lessThan": "8.9.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2022-11-15T09:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eby sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP\u2019s. Configuring firewall limits for incoming connections cannot prevent the issue.\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-469",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-469 HTTP DoS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-15T10:58:25.780Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2022-051/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to firmware version \u0026gt;= 8.9.0"
                }
              ],
              "value": "Upgrade to firmware version \u003e= 8.9.0"
            }
          ],
          "source": {
            "advisory": "VDE-2022-051",
            "defect": [
              "CERT@VDE#64261"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2022-3480",
        "datePublished": "2022-11-15T10:58:25.780Z",
        "dateReserved": "2022-10-13T07:49:46.094Z",
        "dateUpdated": "2025-04-29T20:13:45.498Z",
        "requesterUserId": "a1e5283b-8f0d-401e-98b2-bc6219c0e8d1",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }