ByteOS

Product

FL MGUARD 2102

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

Product

FL MGUARD 2105

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

Product

FL MGUARD 4102 PCI

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

Product

FL MGUARD 4102 PCIE

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

Product

FL MGUARD 4302

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

Product

FL MGUARD 4305

Default Status

unaffected

Versions

Affected

From 0 before 10.4.1 (semver)

Vendor

FL MGUARD CENTERPORT VPN-1000

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD CORE TX

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD CORE TX VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD DELTA TX/TX

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

FL MGUARD DELTA TX/TX VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD GT/GT

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD GT/GT VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD PCI4000

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD PCI4000 VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD PCIE4000

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD PCIE4000 VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS2000 TX/TX-B

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

FL MGUARD RS2000 TX/TX VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS2005 TX VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS4000 TX/TX

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS4000 TX/TX-M

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS4000 TX/TX-P

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

FL MGUARD RS4000 TX/TX VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD RS4004 TX/DTX

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

FL MGUARD RS4004 TX/DTX VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD SMART2

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

FL MGUARD SMART2 VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

TC MGUARD RS2000 3G VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

TC MGUARD RS2000 4G ATT VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

TC MGUARD RS2000 4G VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

TC MGUARD RS2000 4G VZW VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

TC MGUARD RS4000 3G VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

TC MGUARD RS4000 4G ATT VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

Product

TC MGUARD RS4000 4G VPN

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Vendor

TC MGUARD RS4000 4G VZW VPN

Product

Default Status

unaffected

Versions

Affected

From 0 before 8.9.3 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-94	CWE-94 Improper Control of Generation of Code ('Code Injection')

Type: CWE

CWE ID: CWE-94

Description: CWE-94 Improper Control of Generation of Code ('Code Injection')

Metrics

Version	Base score	Base severity	Vector
3.1	8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Version: 3.1

Base score: 8.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Credits

finder

Andrea Palanca

reporter

Nozomi Networks Security Research Team

References

Hyperlink	Resource
https://cert.vde.com/en/advisories/VDE-2024-039	N/A

Hyperlink: https://cert.vde.com/en/advisories/VDE-2024-039

Resource: N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:info@cert.vde.com

Published At:10 Sep, 2024 | 09:15

Updated At:22 Aug, 2025 | 07:15

A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Secondary	3.1	8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CPE Matches

cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_vzw_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vzw_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_vzw_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_att_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_4g_att_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs4000_4g_att_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs4000_3g_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs4000_3g_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_vzw_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vzw_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_vzw_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_4g_att_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_att_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_4g_att_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs2000_4g_att_vpn>>-

cpe:2.3:o:phoenixcontact:tc_mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*

>>tc_mguard_rs2000_3g_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:tc_mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*

>>tc_mguard_rs2000_3g_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_smart2_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_smart2_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_smart2_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_smart2_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_smart2_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_smart2:-:*:*:*:*:*:*:*

>>fl_mguard_smart2>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4004_tx\/dtx_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_rs4004_tx\/dtx_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4004_tx\/dtx_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4004_tx\/dtx_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4004_tx\/dtx:-:*:*:*:*:*:*:*

>>fl_mguard_rs4004_tx\/dtx>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-p_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx-p_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-p:-:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx-p>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx-m_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx-m_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx-m:-:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx-m>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs4000_tx\/tx_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs4000_tx\/tx:-:*:*:*:*:*:*:*

>>fl_mguard_rs4000_tx\/tx>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs2005_tx_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_rs2005_tx_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs2000_tx\/tx_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_rs2000_tx\/tx_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_rs2000_tx\/tx-b_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_rs2000_tx\/tx-b_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_rs2000_tx\/tx-b:-:*:*:*:*:*:*:*

>>fl_mguard_rs2000_tx\/tx-b>>-

cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_pcie4000_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_pcie4000_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_pcie4000_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_pcie4000_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_pcie4000:-:*:*:*:*:*:*:*

>>fl_mguard_pcie4000>>-

cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_pci4000_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_pci4000_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_pci4000_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_pci4000_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_pci4000_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_pci4000:-:*:*:*:*:*:*:*

>>fl_mguard_pci4000>>-

cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_vpn_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_gt\/gt_vpn_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt_vpn:-:*:*:*:*:*:*:*

>>fl_mguard_gt\/gt_vpn>>-

cpe:2.3:o:phoenixcontact:fl_mguard_gt\/gt_firmware:*:*:*:*:*:*:*:*

>>fl_mguard_gt\/gt_firmware>>Versions before 8.9.3(exclusive)

cpe:2.3:h:phoenixcontact:fl_mguard_gt\/gt:-:*:*:*:*:*:*:*

>>fl_mguard_gt\/gt>>-

Weaknesses

CWE ID	Type	Source
CWE-94	Primary	info@cert.vde.com
NVD-CWE-noinfo	Secondary	nvd@nist.gov

CWE ID: CWE-94

Type: Primary

Source: info@cert.vde.com

CWE ID: NVD-CWE-noinfo

Type: Secondary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://cert.vde.com/en/advisories/VDE-2024-039	info@cert.vde.com	Third Party Advisory

Hyperlink: https://cert.vde.com/en/advisories/VDE-2024-039

Source: info@cert.vde.com

Resource:

Third Party Advisory

Similar CVEs

5Records found

CVE-2024-43393

Matching Score-10

Assigner-CERT@VDE

Matching Score-10

Assigner-CERT@VDE

CVSS Score-8.1||HIGH

EPSS-0.34% / 56.32%

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:45

Updated-22 Aug, 2025 | 07:15

Phoenix Contact: Configuration changes of the firewall services can lead to DoS in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS.

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2024-43391

Matching Score-10

Assigner-CERT@VDE

Matching Score-10

Assigner-CERT@VDE

CVSS Score-8.1||HIGH

EPSS-0.34% / 56.32%

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:44

Updated-22 Aug, 2025 | 07:15

Phoenix Contact: Firewall reconfiguration through the FW_PORTFORWARDING.SRC_IP in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS.

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2024-43392

Matching Score-10

Assigner-CERT@VDE

Matching Score-10

Assigner-CERT@VDE

CVSS Score-8.1||HIGH

EPSS-0.34% / 56.32%

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:44

Updated-22 Aug, 2025 | 07:15

Phoenix Contact: Firewall reconfiguration through the FW_environment variables in MGUARD devices

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2024-43390

Matching Score-10

Assigner-CERT@VDE

Matching Score-10

Assigner-CERT@VDE

CVSS Score-8.1||HIGH

EPSS-0.34% / 56.32%

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:44

Updated-22 Aug, 2025 | 07:15

Phoenix Contact: Firewall reconfiguration due to improper input validation in MGUARD devices

A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2024-43388

Matching Score-6

Assigner-CERT@VDE

Matching Score-6

Assigner-CERT@VDE

CVSS Score-8.8||HIGH

EPSS-0.36% / 57.10%

7 Day CHG~0.00%

Published-10 Sep, 2024 | 08:44

Updated-22 Aug, 2025 | 07:15

Phoenix Contact: SNMP reconfiguration due to improper input validation in MGUARD devices

A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.