7.5
CWE
770
Advisory Published
Updated

CVE-2022-3480: Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family

First published: Tue Nov 15 2022(Updated: )

A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.

Credit: info@cert.vde.com

Affected SoftwareAffected VersionHow to fix
Phoenixcontact Fl Mguard Centerport Firmware<8.9.0
Phoenixcontact Fl Mguard Centerport
Phoenixcontact Fl Mguard Centerport Vpn-1000 Firmware<8.9.0
Phoenixcontact Fl Mguard Centerport Vpn-1000
Phoenixcontact Fl Mguard Core Tx Firmware<8.9.0
Phoenixcontact Fl Mguard Core Tx
Phoenixcontact Fl Mguard Core Tx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Core Tx Vpn
Phoenixcontact Fl Mguard Delta Tx\/tx Firmware<8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn
Phoenixcontact Fl Mguard Gt\/gt Firmware<8.9.0
Phoenixcontact Fl Mguard Gt\/gt
Phoenixcontact Fl Mguard Gt\/gt Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Gt\/gt Vpn
Phoenixcontact Fl Mguard Pci4000 Firmware<8.9.0
Phoenixcontact Fl Mguard Pci4000
Phoenixcontact Fl Mguard Pci4000 Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Pci4000 Vpn
Phoenixcontact Fl Mguard Pcie4000 Firmware<8.9.0
Phoenixcontact Fl Mguard Pcie4000
Phoenixcontact Fl Mguard Pcie4000 Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Pcie4000 Vpn
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b Firmware<8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact Fl Mguard Rs2005 Tx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Rs2005 Tx Vpn
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact Fl Mguard Smart2 Firmware<8.9.0
Phoenixcontact Fl Mguard Smart2
Phoenixcontact Fl Mguard Smart2 Vpn Firmware<8.9.0
Phoenixcontact Fl Mguard Smart2 Vpn
Phoenixcontact Tc Mguard Rs2000 3g Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs2000 3g Vpn
Phoenixcontact Tc Mguard Rs2000 4g Att Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs2000 4g Att Vpn
Phoenixcontact Tc Mguard Rs2000 4g Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs2000 4g Vpn
Phoenixcontact Tc Mguard Rs2000 4g Vzw Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact Tc Mguard Rs4000 3g Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs4000 3g Vpn
Phoenixcontact Tc Mguard Rs4000 4g Att Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs4000 4g Att Vpn
Phoenixcontact Tc Mguard Rs4000 4g Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs4000 4g Vpn
Phoenixcontact Tc Mguard Rs4000 4g Vzw Vpn Firmware<8.9.0
Phoenixcontact Tc Mguard Rs4000 4g Vzw Vpn

Remedy

Upgrade to firmware version >= 8.9.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203