| Article No° | Product Name | Affected Version(s) |
|---|---|---|
| 2702547 | FL MGUARD CENTERPORT | 8.0.0 <= 8.5.1 |
| 2700967 | FL MGUARD DELTA TX/TX | 8.0.0 <= 8.5.1 |
| 2700968 | FL MGUARD DELTA TX/TX VPN | 8.0.0 <= 8.5.1 |
| 2700197 | FL MGUARD GT/GT | 8.0.0 <= 8.5.1 |
| 2700198 | FL MGUARD GT/GT VPN | 8.0.0 <= 8.5.1 |
| 2701274 | FL MGUARD PCI4000 | 8.0.0 <= 8.5.1 |
| 2701275 | FL MGUARD PCI4000 VPN | 8.0.0 <= 8.5.1 |
| 2701278 | FL MGUARD PCIE4000 VPN | 8.0.0 <= 8.5.1 |
| 2989310 | FL MGUARD RS | 8.0.0 <= 8.5.1 |
| 2700642 | FL MGUARD RS2000 TX/TX VPN | 8.0.0 <= 8.5.1 |
| 2701875 | FL MGUARD RS2005 TX VPN | 8.0.0 <= 8.5.1 |
| 2700634 | FL MGUARD RS4000 TX/TX | 8.0.0 <= 8.5.1 |
| 2702259 | FL MGUARD RS4000 TX/TX-P | 8.0.0 <= 8.5.1 |
| 2200515 | FL MGUARD RS4000 TX/TX VPN | 8.0.0 <= 8.5.1 |
| 2702465 | FL MGUARD RS4000 TX/TX VPN-M | 8.0.0 <= 8.5.1 |
| 2701876 | FL MGUARD RS4004 TX/DTX | 8.0.0 <= 8.5.1 |
| 2701877 | FL MGUARD RS4004 TX/DTX VPN | 8.0.0 <= 8.5.1 |
| 2989718 | FL MGUARD RS VPN ANALOG | 8.0.0 <= 8.5.1 |
| 2700640 | FL MGUARD SMART2 | 8.0.0 <= 8.5.1 |
| 2700639 | FL MGUARD SMART2 VPN | 8.0.0 <= 8.5.1 |
| 2903441 | TC MGUARD RS2000 3G VPN | 8.0.0 <= 8.5.1 |
| 2903588 | TC MGUARD RS2000 4G VPN | 8.0.0 <= 8.5.1 |
| 2903440 | TC MGUARD RS4000 3G VPN | 8.0.0 <= 8.5.1 |
| 2903586 | TC MGUARD RS4000 4G VPN | 8.0.0 <= 8.5.1 |
Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
Specially crafted IKEv2 packets may force an IKE daemon restart and force a restart of all IPsec connections. There is no access to sensitive information or tunnel content possible by this attack.
PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor’s „Downloads“ page for each of the affected devices:
| Art. No. | Description | Link |
|---|---|---|
| 2200515 | FL MGUARD RS4000 TX/TX VPN | Downloads |
| 2700197 | FL MGUARD GT/GT | Downloads |
| 2700198 | FL MGUARD GT/GT VPN | Downloads |
| 2700634 | FL MGUARD RS4000 TX/TX | Downloads |
| 2700639 | FL MGUARD SMART2 VPN | Downloads |
| 2700640 | FL MGUARD SMART2 | Downloads |
| 2700642 | FL MGUARD RS2000 TX/TX VPN | Downloads |
| 2700967 | FL MGUARD DELTA TX/TX | Downloads |
| 2700968 | FL MGUARD DELTA TX/TX VPN | Downloads |
| 2701274 | FL MGUARD PCI4000 | Downloads |
| 2701275 | FL MGUARD PCI4000 VPN | Downloads |
| 2701278 | FL MGUARD PCIE4000 VPN | Downloads |
| 2701875 | FL MGUARD RS2005 TX VPN | Downloads |
| 2701876 | FL MGUARD RS4004 TX/DTX | Downloads |
| 2701877 | FL MGUARD RS4004 TX/DTX VPN | Downloads |
| 2702259 | FL MGUARD RS4000 TX/TX-P | Downloads |
| 2702465 | FL MGUARD RS4000 TX/TX VPN-M | Downloads |
| 2702547 | FL MGUARD CENTERPORT | Downloads |
| 2989310 | FL MGUARD RS | Downloads |
| 2989718 | FL MGUARD RS VPN ANALOG | Downloads |
| 2903441 | TC MGUARD RS2000 3G VPN | Downloads |
| 2903440 | TC MGUARD RS4000 3G VPN | Downloads |
| 2903588 | TC MGUARD RS2000 4G VPN | Downloads |
| 2903586 | TC MGUARD RS4000 4G VPN | Downloads |