CVE-2020-12523 Phoenix Contact mGuard Devices versions before 8.8.3: LAN ports get functional after reboot even if they are disabled in the device configuration

🗓️ 17 Dec 2020 22:43:14Reported by CERTVDEType

CVE-2020-12523 Phoenix Contact mGuard Devices LAN ports vulnerabilit

Reporter	Title	Published	Views	Family All 7
CNNVD	Phoenix Contact mGuard Devices 安全漏洞	17 Dec 202000:00	–	cnnvd
CNVD	Unspecified Vulnerability in Phoenix Contact mGuard Devices	22 Dec 202000:00	–	cnvd
CVE	CVE-2020-12523	17 Dec 202022:43	–	cve
EUVD	EUVD-2020-4825	7 Oct 202500:30	–	euvd
NVD	CVE-2020-12523	17 Dec 202023:15	–	nvd
OSV	CVE-2020-12523	17 Dec 202023:15	–	osv
Prion	Design/Logic Flaw	17 Dec 202023:15	–	prion

[
  {
    "product": "TC MGUARD RS4000 4G VZW VPN (1010461)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TC MGUARD RS4000 4G ATT VPN (1010463)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "FL MGUARD RS4004 TX/DTX (2701876)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "FL MGUARD RS4004 TX/DTX VPN (2701877)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TC MGUARD RS4000 3G VPN (2903440)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "TC MGUARD RS4000 4G VPN (2903586)",
    "vendor": "Phoenix Contact",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Innominate mGuard rs4000 4TX/TX",
    "vendor": "Innominate",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Innominate mGuard rs4000 4TX/TX VPN",
    "vendor": "Innominate",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Innominate mGuard rs4000 4TX/3G/TX VPN",
    "vendor": "Innominate",
    "versions": [
      {
        "lessThan": "8.8.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2020-046

17 Dec 2020 22:43Current

9.2High risk

Vulners AI Score9.2

CVSS 3.15.4

EPSS0.00888

CWE-909