high
8.1
CWE
74
Advisory Published
Updated

CVE-2024-43392: Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices

First published: Tue Sep 10 2024(Updated: )

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS.

Credit: info@cert.vde.com

Affected SoftwareAffected VersionHow to fix
All of
Phoenix Contact TC Mguard RS4000 4G VZW VPN Firmware<8.9.3
Phoenix Contact TC Mguard RS4000 4G VZW VPN Firmware
All of
Phoenix Contact mGuard RS4000 4G VPN<8.9.3
Phoenix Contact mGuard RS4000 4G VPN
All of
Phoenix Contact TC Mguard RS4000 4G AT&T VPN<8.9.3
Phoenix Contact TC Mguard RS4000 4G AT&T VPN
All of
Phoenix Contact mGuard RS4000 3G VPN<8.9.3
Phoenix Contact TC Mguard RS4000 3G VPN
All of
Phoenixcontact Tc Mguard Rs2000 4g Vpn Firmware<8.9.3
Phoenix Contact TC Mguard RS2000 4G VZW VPN
All of
Phoenix Contact TC MGuard RS2000 4G AT&T VPN Firmware<8.9.3
Phoenixcontact Mguard Rs2000 4g Vpn
All of
Phoenix Contact TC MGuard RS2000 4G ATT VPN<8.9.3
Phoenix Contact TC MGuard RS2000 4G AT&T VPN Firmware
All of
Phoenixcontact Tc Mguard Rs2000 3g Vpn<8.9.3
Phoenixcontact Tc Mguard Rs2000 3g Vpn Firmware
All of
Phoenix Contact FL MGUARD SMART2 VPN Firmware<8.9.3
Phoenixcontact FL Mguard Smart2
All of
Phoenixcontact FL Mguard Smart2<8.9.3
Phoenixcontact FL Mguard Smart2
All of
Phoenix Contact FL MGuard RS4004 TX/DX VPN Firmware<8.9.3
Phoenix Contact FL MGuard RS4004 Tx/Dtx VPN
All of
Phoenixcontact Fl Mguard Rs4004 Tx/dtx Firmware<8.9.3
Phoenix Contact FL MGuard RS4004 Tx/Dtx
All of
Phoenixcontact FL Mguard RS4000 TX/TX VPN Firmware<8.9.3
Phoenixcontact FL Mguard RS4000 Tx/TX VPN
All of
Phoenixcontact Fl Mguard Rs4000 Tx/tx-p Firmware<8.9.3
Phoenix Contact FL MGUARD RS4000 TX/TX-P
All of
Phoenix Contact FL MGUARD RS4000 TX/TX-M Firmware<8.9.3
Phoenixcontact Fl Mguard Rs4000 Tx/tx-m
All of
Phoenixcontact Fl Mguard Rs4000 Tx/tx Firmware<8.9.3
Phoenix Contact FL MGuard RS4000 Tx/TX
All of
Phoenix Contact FL MGuard RS2005 TX VPN<8.9.3
Phoenix Contact FL MGuard RS2005 TX VPN
All of
Phoenix Contact FL MGUARD RS2000 TX/TX VPN Firmware<8.9.3
Phoenix Contact FL MGuard RS2000 TX/TX VPN
All of
Phoenixcontact Fl Mguard Rs2000 Tx/tx-b Firmware<8.9.3
Phoenixcontact FL Mguard RS2000 Tx/Tx-b
All of
Phoenix Contact FL Mguard PCIe4000 VPN Firmware<8.9.3
Phoenix Contact FL Mguard PCIe4000 VPN
All of
Phoenixcontact Fl Mguard Pcie4000 Firmware<8.9.3
Phoenix Contact FL MGuard PCIe 4000
All of
Phoenixcontact Mguard Pci4000 Vpn Firmware<8.9.3
Phoenix Contact mGuard PCI4000 VPN
All of
Phoenixcontact Fl Mguard Pcie4000 Firmware<8.9.3
Phoenixcontact FL MGuard PCI4000 VPN
All of
Phoenixcontact FL Mguard GT/GT VPN Firmware<8.9.3
Phoenix Contact FL MGuard GT/GT VPN
All of
Phoenixcontact Fl Mguard Gt/gt Firmware<8.9.3
Phoenix Contact FL MGuard GT/GT
All of
Phoenixcontact Fl Mguard Delta Tx/tx Vpn Firmware<8.9.3
Phoenixcontact FL Mguard Delta TX/TX VPN
All of
Phoenix Contact FL Mguard Delta TX/TX Firmware<8.9.3
Phoenix Contact FL Mguard Delta TX/TX
All of
Phoenix Contact FL MGuard Core TX VPN Firmware<8.9.3
Phoenix Contact FL MGuard Core TX VPN Firmware
All of
Phoenix Contact FL MGuard Core TX Firmware<8.9.3
Phoenix Contact FL Mguard Core Tx
All of
Phoenixcontact Fl Mguard Centerport Vpn-1000<8.9.3
Phoenixcontact Fl Mguard Centerport Vpn-1000 Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-43392?

    CVE-2024-43392 has a low severity rating, indicating that it poses minimal risk to affected systems.

  • How do I fix CVE-2024-43392?

    To fix CVE-2024-43392, update the firmware of affected Phoenixcontact TC Mguard devices to the latest version beyond 8.9.3.

  • Which devices are affected by CVE-2024-43392?

    CVE-2024-43392 affects multiple versions of Phoenixcontact TC Mguard devices, including the RS2000 and RS4000 models running firmware versions prior to 8.9.3.

  • Can CVE-2024-43392 be exploited remotely?

    Yes, CVE-2024-43392 can be exploited by low privileged remote attackers to execute configuration changes on the firewall services.

  • What types of changes can be made due to CVE-2024-43392?

    An attacker exploiting CVE-2024-43392 can change critical configurations such as packet filtering, packet forwarding, and NAT settings.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203