VDE-2024-051
Last update
14.05.2025 15:00
Published at
10.09.2024 12:00
Vendor(s)
Phoenix Contact GmbH & Co. KG
External ID
VDE-2024-051
Summary
mGuard devices use an OpenSSH server for SSH access. This server is vulnerable to remote code injection.
Impact
Attackers can inject code into the SSH server, which runs with high privileges.
Affected Product(s)
Model no. | Product name | Affected versions |
---|---|---|
1357828 | FL MGUARD 2102 | Firmware <10.4.1 |
1357850 | FL MGUARD 2105 | Firmware <10.4.1 |
1441187 | FL MGUARD 4102 PCI | Firmware <10.4.1 |
1357842 | FL MGUARD 4102 PCIE | Firmware <10.4.1 |
1357840 | FL MGUARD 4302 | Firmware <10.4.1 |
1357875 | FL MGUARD 4305 | Firmware <10.4.1 |
2702547 | FL MGUARD CENTERPORT | Firmware <8.9.3 |
2702820 | FL MGUARD CENTERPORT VPN-1000 | Firmware <8.9.3 |
2702884 | FL MGUARD CORE TX | Firmware <8.9.3 |
2702831 | FL MGUARD CORE TX VPN | Firmware <8.9.3 |
2700967 | FL MGUARD DELTA TX/TX | Firmware <8.9.3 |
2700968 | FL MGUARD DELTA TX/TX VPN | Firmware <8.9.3 |
2700197 | FL MGUARD GT/GT | Firmware <8.9.3 |
2700198 | FL MGUARD GT/GT VPN | Firmware <8.9.3 |
2701274 | FL MGUARD PCI4000 | Firmware <8.9.3 |
2701275 | FL MGUARD PCI4000 VPN | Firmware <8.9.3 |
2701277 | FL MGUARD PCIE4000 | Firmware <8.9.3 |
2701278 | FL MGUARD PCIE4000 VPN | Firmware <8.9.3 |
2700642 | FL MGUARD RS2000 TX/TX VPN | Firmware <8.9.3 |
2702139 | FL MGUARD RS2000 TX/TX-B | Firmware <8.9.3 |
2701875 | FL MGUARD RS2005 TX VPN | Firmware <8.9.3 |
2700634 | FL MGUARD RS4000 TX/TX | Firmware <8.9.3 |
2200515 | FL MGUARD RS4000 TX/TX VPN | Firmware <8.9.3 |
2702470 | FL MGUARD RS4000 TX/TX-M | Firmware <8.9.3 |
2702259 | FL MGUARD RS4000 TX/TX-P | Firmware <8.9.3 |
2701876 | FL MGUARD RS4004 TX/DTX | Firmware <8.9.3 |
2701877 | FL MGUARD RS4004 TX/DTX VPN | Firmware <8.9.3 |
2700640 | FL MGUARD SMART2 | Firmware <8.9.3 |
2700639 | FL MGUARD SMART2 VPN | Firmware <8.9.3 |
2903441 | TC MGUARD RS2000 3G VPN | Firmware <8.9.3 |
1010464 | TC MGUARD RS2000 4G ATT VPN | Firmware <8.9.3 |
2903588 | TC MGUARD RS2000 4G VPN | Firmware <8.9.3 |
1010462 | TC MGUARD RS2000 4G VZW VPN | Firmware <8.9.3 |
2903440 | TC MGUARD RS4000 3G VPN | Firmware <8.9.3 |
1010463 | TC MGUARD RS4000 4G ATT VPN | Firmware <8.9.3 |
2903586 | TC MGUARD RS4000 4G VPN | Firmware <8.9.3 |
1010461 | TC MGUARD RS4000 4G VZW VPN | Firmware <8.9.3 |
Vulnerabilities
Published
22.09.2025 14:57
Severity
Weakness
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362)
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
References
Mitigation
Access to the SSH server should be limited to trustworthy networks or peers.
Remote access to the SSH server should be disabled.
Remediation
Phoenix Contact strongly recommends upgrading affected mGuard devices to firmware version 8.9.3 / 10.4.1 or higher, which fixes this vulnerability.
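For fleet triage against the affected-product table and the fixed versions above, the following added example (not part of the advisory and not Phoenix Contact code) classifies an inventory export by order number and firmware version. The CSV column names, host names and sample firmware strings are constructed assumptions; only the order numbers and the 8.9.3 / 10.4.1 thresholds come from this advisory.

```python
import csv
import io
import re

# Order numbers copied from the "Affected Product(s)" table above, grouped by
# the first fixed firmware version the advisory gives for them.
FIXED_10_4_1 = {"1357828", "1357850", "1441187", "1357842", "1357840", "1357875"}
FIXED_8_9_3 = {
    "2702547", "2702820", "2702884", "2702831", "2700967", "2700968", "2700197", "2700198",
    "2701274", "2701275", "2701277", "2701278", "2700642", "2702139", "2701875", "2700634",
    "2200515", "2702470", "2702259", "2701876", "2701877", "2700640", "2700639", "2903441",
    "1010464", "2903588", "1010462", "2903440", "1010463", "2903586", "1010461",
}
FIXED = {**dict.fromkeys(FIXED_10_4_1, (10, 4, 1)), **dict.fromkeys(FIXED_8_9_3, (8, 9, 3))}

def parse_version(text):
    """Leading dotted-numeric part as a tuple of ints, or None if absent."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def classify(model_no, firmware):
    """Return 'affected', 'fixed', 'unknown-version' or 'not-listed'."""
    fixed = FIXED.get(model_no.strip())
    if fixed is None:
        return "not-listed"
    have = parse_version(firmware)
    if have is None:
        return "unknown-version"  # never report an unreadable version as fixed
    # Compare numerically and zero-pad, so 8.10 > 8.9.3 and 8.9.3 == 8.9.3.0.
    n = max(len(have), len(fixed))
    have, fixed = (v + (0,) * (n - len(v)) for v in (have, fixed))
    return "affected" if have < fixed else "fixed"

def triage(inventory_csv):
    """Map each host in a CSV (columns: host, model_no, firmware) to a status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["model_no"], r["firmware"]) for r in rows}

# Constructed sample inventory (hosts and versions are made up for the example).
SAMPLE = """host,model_no,firmware
fw-line1,2700634,8.8.1
fw-line2,2700634,8.10.0
fw-cell3,1357840,10.3.2
fw-cell4,1357840,10.4.1
fw-lab5,2702547,n/a
sw-core6,9999999,1.0
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Hosts reported as `unknown-version` should be checked by hand rather than treated as fixed, and the per-model threshold matters: a 10.3.x device is still affected even though its version is numerically above 8.9.3.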
Revision History
Version | Date | Summary |
---|---|---|
1 | 10.09.2024 12:00 | Initial revision. |
2 | 06.11.2024 12:27 | Fix: correct certvde domain, added self-reference |
3 | 10.04.2025 15:00 | Fixed CSAF reference URL |
4 | 14.05.2025 15:00 | Fix: added distribution |