Design/Logic Flaw

2020-12-1723:15:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource

CPENameOperatorVersion
fl_mguard_rs4004_tx\\/dtx_firmwarelt8.8.3
fl_mguard_rs4004_tx\\/dtx_vpn_firmwarelt8.8.3
innominate_mguard_rs4000_4tx\\/3g\\/tx_vpn_firmwarelt8.8.3
innominate_mguard_rs4000_4tx\\/tx_firmwarelt8.8.3
innominate_mguard_rs4000_4tx\\/tx_vpn_firmwarelt8.8.3
tc_mguard_rs4000_4g_att_vpn_firmwarelt8.8.3
tc_mguard_rs4000_4g_vpn_firmwarelt8.8.3
tc_mguard_rs4000_4g_vzw_vpn_firmwarelt8.8.3

Name	Operator	Version
fl_mguard_rs4004_tx\\/dtx_firmware	lt	8.8.3
fl_mguard_rs4004_tx\\/dtx_vpn_firmware	lt	8.8.3
innominate_mguard_rs4000_4tx\\/3g\\/tx_vpn_firmware	lt	8.8.3
innominate_mguard_rs4000_4tx\\/tx_firmware	lt	8.8.3
innominate_mguard_rs4000_4tx\\/tx_vpn_firmware	lt	8.8.3
tc_mguard_rs4000_4g_att_vpn_firmware	lt	8.8.3
tc_mguard_rs4000_4g_vpn_firmware	lt	8.8.3
tc_mguard_rs4000_4g_vzw_vpn_firmware	lt	8.8.3

References

cert.vde.com/en-us/advisories/vde-2020-046