PHOENIX CONTACT mGuard IKE daemon remote denial of service
VDE-2017-001 (2017-08-11 12:05 UTC+0200)
CVE Identifier
CVE-2013-6466Affected Vendors
PHOENIX CONTACT, Innominate Security Technologies
Affected Products
mGuard firmware version 8.0.0 to 8.5.1
Vulnerability Type
Denial of Service
Summary
Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
Impact
Specially crafted IKEv2 packets may force an IKE daemon restart and force a restart of all IPsec connections. There is no access to sensitive information or tunnel content possible by this attack.
Solution
PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor’s „Downloads“ page for each of the affected devices:
| Art. No. | Description | Link |
|---|---|---|
| 2200515 | FL MGUARD RS4000 TX/TX VPN | Downloads |
| 2700197 | FL MGUARD GT/GT | Downloads |
| 2700198 | FL MGUARD GT/GT VPN | Downloads |
| 2700634 | FL MGUARD RS4000 TX/TX | Downloads |
| 2700639 | FL MGUARD SMART2 VPN | Downloads |
| 2700640 | FL MGUARD SMART2 | Downloads |
| 2700642 | FL MGUARD RS2000 TX/TX VPN | Downloads |
| 2700967 | FL MGUARD DELTA TX/TX | Downloads |
| 2700968 | FL MGUARD DELTA TX/TX VPN | Downloads |
| 2701274 | FL MGUARD PCI4000 | Downloads |
| 2701275 | FL MGUARD PCI4000 VPN | Downloads |
| 2701278 | FL MGUARD PCIE4000 VPN | Downloads |
| 2701875 | FL MGUARD RS2005 TX VPN | Downloads |
| 2701876 | FL MGUARD RS4004 TX/DTX | Downloads |
| 2701877 | FL MGUARD RS4004 TX/DTX VPN | Downloads |
| 2702259 | FL MGUARD RS4000 TX/TX-P | Downloads |
| 2702465 | FL MGUARD RS4000 TX/TX VPN-M | Downloads |
| 2702547 | FL MGUARD CENTERPORT | Downloads |
| 2989310 | FL MGUARD RS | Downloads |
| 2989718 | FL MGUARD RS VPN ANALOG | Downloads |
| 2903441 | TC MGUARD RS2000 3G VPN | Downloads |
| 2903440 | TC MGUARD RS4000 3G VPN | Downloads |
| 2903588 | TC MGUARD RS2000 4G VPN | Downloads |
| 2903586 | TC MGUARD RS4000 4G VPN | Downloads |
Reported by
PHOENIX CONTACT