Input validation

2023-06-1307:15:00

PRIOn knowledge base

www.prio-n.com

input validation

udp packets

filter rules

flooding attacks

phoenix contact fl/tc mguard family

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

CPENameOperatorVersion
fl_mguard_2102_firmwarele10.1.1
fl_mguard_4102_pci_firmwarele10.1.1
fl_mguard_4102_pcie_firmwarele10.1.1
fl_mguard_4302_firmwarele10.1.1
fl_mguard_centerport_firmwarele8.9.0
fl_mguard_centerport_vpn-1000_firmwarele8.9.0
fl_mguard_core_tx_firmwarele8.9.0
fl_mguard_core_tx_vpn_firmwarele8.9.0
fl_mguard_delta_tx\\/tx_firmwarele8.9.0
fl_mguard_delta_tx\\/tx_vpn_firmwarele8.9.0

Name	Operator	Version
fl_mguard_2102_firmware	le	10.1.1
fl_mguard_4102_pci_firmware	le	10.1.1
fl_mguard_4102_pcie_firmware	le	10.1.1
fl_mguard_4302_firmware	le	10.1.1
fl_mguard_centerport_firmware	le	8.9.0
fl_mguard_centerport_vpn-1000_firmware	le	8.9.0
fl_mguard_core_tx_firmware	le	8.9.0
fl_mguard_core_tx_vpn_firmware	le	8.9.0
fl_mguard_delta_tx\\/tx_firmware	le	8.9.0
fl_mguard_delta_tx\\/tx_vpn_firmware	le	8.9.0

Rows per page:

1-10 of 261

References

cert.vde.com/en/advisories/VDE-2023-010/