medium
5.3
CWE
20 1287
Advisory Published
Updated

CVE-2023-2673: PHOENIX CONTACT: FL/TC MGUARD prone to Improper Input Validation

First published: Tue Jun 13 2023(Updated: )

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

Credit: info@cert.vde.com info@cert.vde.com

Affected SoftwareAffected VersionHow to fix
Phoenixcontact Fl Mguard 2102 Firmware<=10.1.1
Phoenixcontact Fl Mguard 2102
Phoenixcontact Fl Mguard 4102 Pci Firmware<=10.1.1
Phoenixcontact Fl Mguard 4102 Pci
Phoenixcontact Fl Mguard 4102 Pcie Firmware<=10.1.1
Phoenixcontact Fl Mguard 4102 Pcie
Phoenixcontact Fl Mguard 4302 Firmware<=10.1.1
Phoenixcontact Fl Mguard 4302
Phoenixcontact Fl Mguard Centerport Firmware<=8.9.0
Phoenixcontact Fl Mguard Centerport
Phoenixcontact Fl Mguard Centerport Vpn-1000 Firmware<=8.9.0
Phoenixcontact Fl Mguard Centerport Vpn-1000
Phoenixcontact Fl Mguard Core Tx Firmware<=8.9.0
Phoenixcontact Fl Mguard Core Tx
Phoenixcontact Fl Mguard Core Tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Core Tx Vpn
Phoenixcontact Fl Mguard Delta Tx\/tx Firmware<=8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn
Phoenixcontact Fl Mguard Gt\/gt Firmware<=8.9.0
Phoenixcontact Fl Mguard Gt\/gt
Phoenixcontact Fl Mguard Gt\/gt Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Gt\/gt Vpn
Phoenixcontact Fl Mguard Pci4000 Firmware<=8.9.0
Phoenixcontact Fl Mguard Pci4000
Phoenixcontact Fl Mguard Pci4000 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Pci4000 Vpn
Phoenixcontact Fl Mguard Pcie4000 Firmware<=8.9.0
Phoenixcontact Fl Mguard Pcie4000
Phoenixcontact Fl Mguard Pcie4000 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Pcie4000 Vpn
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn
Phoenixcontact Fl Mguard Rs2005 Tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2005 Tx Vpn
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn
Phoenixcontact Fl Mguard Smart2 Firmware<=8.9.0
Phoenixcontact Fl Mguard Smart2
Phoenixcontact Fl Mguard Smart2 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Smart2 Vpn
All of
Phoenixcontact Fl Mguard 2102
Phoenixcontact Fl Mguard 2102 Firmware<=10.1.1
All of
Phoenixcontact Fl Mguard 4102 Pci
Phoenixcontact Fl Mguard 4102 Pci Firmware<=10.1.1
All of
Phoenixcontact Fl Mguard 4102 Pcie
Phoenixcontact Fl Mguard 4102 Pcie Firmware<=10.1.1
All of
Phoenixcontact Fl Mguard 4302
Phoenixcontact Fl Mguard 4302 Firmware<=10.1.1
All of
Phoenixcontact Fl Mguard Centerport
Phoenixcontact Fl Mguard Centerport Firmware<=8.9.0
All of
Phoenixcontact Fl Mguard Centerport Vpn-1000
Phoenixcontact Fl Mguard Centerport Vpn-1000 Firmware<=8.9.0
All of
Phoenixcontact Fl Mguard Core Tx
Phoenixcontact Fl Mguard Core Tx Firmware<=8.9.0
All of
Phoenixcontact Fl Mguard Core Tx Vpn
Phoenixcontact Fl Mguard Core Tx Vpn Firmware<=8.9.0
All of
Phoenixcontact Fl Mguard Delta Tx\/tx Firmware<=8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx
All of
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Delta Tx\/tx Vpn
All of
Phoenixcontact Fl Mguard Gt\/gt Firmware<=8.9.0
Phoenixcontact Fl Mguard Gt\/gt
All of
Phoenixcontact Fl Mguard Gt\/gt Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Gt\/gt Vpn
All of
Phoenixcontact Fl Mguard Pci4000 Firmware<=8.9.0
Phoenixcontact Fl Mguard Pci4000
All of
Phoenixcontact Fl Mguard Pci4000 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Pci4000 Vpn
All of
Phoenixcontact Fl Mguard Pcie4000 Firmware<=8.9.0
Phoenixcontact Fl Mguard Pcie4000
All of
Phoenixcontact Fl Mguard Pcie4000 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Pcie4000 Vpn
All of
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx-b
All of
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2000 Tx\/tx Vpn
All of
Phoenixcontact Fl Mguard Rs2005 Tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs2005 Tx Vpn
All of
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-m
All of
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx-p
All of
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4000 Tx\/tx Vpn
All of
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx
All of
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Rs4004 Tx\/dtx Vpn
All of
Phoenixcontact Fl Mguard Smart2 Firmware<=8.9.0
Phoenixcontact Fl Mguard Smart2
All of
Phoenixcontact Fl Mguard Smart2 Vpn Firmware<=8.9.0
Phoenixcontact Fl Mguard Smart2 Vpn

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this PHOENIX CONTACT FL/TC MGUARD vulnerability?

    The vulnerability ID for this PHOENIX CONTACT FL/TC MGUARD vulnerability is CVE-2023-2673.

  • What is the severity level of the CVE-2023-2673 vulnerability?

    The severity level of the CVE-2023-2673 vulnerability is medium, with a severity value of 5.3.

  • What is the description of the CVE-2023-2673 vulnerability?

    The CVE-2023-2673 vulnerability is an Improper Input Validation vulnerability that allows UDP packets to bypass filter rules and access the solely connected device behind the MGUARD, thereby enabling flooding attacks.

  • Which software versions are affected by the CVE-2023-2673 vulnerability?

    The CVE-2023-2673 vulnerability affects multiple versions of PHOENIX CONTACT FL/TC MGUARD Family, including firmware versions up to and inclusive of 10.1.1 for various models.

  • How can I fix the CVE-2023-2673 vulnerability?

    To fix the CVE-2023-2673 vulnerability, it is recommended to update the firmware of the affected PHOENIX CONTACT FL/TC MGUARD Family devices to versions that are not vulnerable.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203