Share: Email | Twitter

ID

VDE-2020-046

Published

2020-12-17 10:01 (CET)

Last update

2020-12-17 10:01 (CET)

Vendor(s)

PHOENIX CONTACT GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
2701876 FL MGUARD RS4004 TX/DTX < 8.8.3
2701877 FL MGUARD RS4004 TX/DTX VPN < 8.8.3
mGuard rs4000 4TX/3G/TX VPN < 8.8.3
mGuard rs4000 4TX/TX < 8.8.3
mGuard rs4000 4TX/TX VPN < 8.8.3
2903440 TC MGUARD RS4000 3G VPN < 8.8.3
1010463 TC MGUARD RS4000 4G ATT VPN < 8.8.3
2903586 TC MGUARD RS4000 4G VPN < 8.8.3
1010461 TC MGUARD RS4000 4G VZW VPN < 8.8.3

Summary

For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource (CWE-909).


Weakness

Missing Initialization of Resource  (CWE-909) 

Summary

For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource.


Impact

After a reboot, affected mGuard devices may unexpectedly receive or send data on disabled switch ports. This includes the unexpected provision of administrative interfaces. Attackers may try to access confidential data or compromise the availability of mGuard services by flooding or resource exhaustion.

Solution

Mitigation

Instead of deactivating by configuration, network cables should be detached from affected switch
ports.

Solution

PHOENIX CONTACT recommends all mGuard users to upgrade to the firmware version 8.8.3.

Reported by

This vulnerability was discovered by SMST Designers & Constructors B.V.