Article No° | Product Name | Affected Version(s) |
---|---|---|
2701876 | FL MGUARD RS4004 TX/DTX | < 8.8.3 |
2701877 | FL MGUARD RS4004 TX/DTX VPN | < 8.8.3 |
 | mGuard rs4000 4TX/3G/TX VPN | < 8.8.3 |
 | mGuard rs4000 4TX/TX | < 8.8.3 |
 | mGuard rs4000 4TX/TX VPN | < 8.8.3 |
2903440 | TC MGUARD RS4000 3G VPN | < 8.8.3 |
1010463 | TC MGUARD RS4000 4G ATT VPN | < 8.8.3 |
2903586 | TC MGUARD RS4000 4G VPN | < 8.8.3 |
1010461 | TC MGUARD RS4000 4G VZW VPN | < 8.8.3 |
For mGuard devices with an integrated switch on the LAN side, individual switch ports can be disabled in the device configuration. After a reboot, these ports become functional regardless of their configuration setting: Missing Initialization of Resource (CWE-909).
After a reboot, affected mGuard devices may unexpectedly receive or send data on disabled switch ports. This includes the unexpected provision of administrative interfaces. Attackers may try to access confidential data or compromise the availability of mGuard services by flooding or resource exhaustion.
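A post-reboot check for the condition described above, as an added example that is not part of the original advisory or any Phoenix Contact tooling: it flags ports that the configuration marks as disabled but that show link or frame-counter movement between two snapshots taken after the reboot. The port names, the snapshot structure and the way link state and counters are collected (for example, from a monitoring system) are assumptions.

```python
import re
from dataclasses import dataclass

FIXED_VERSION = (8, 8, 3)  # firmware release named in the advisory


@dataclass(frozen=True)
class PortSample:
    link_up: bool
    rx_frames: int
    tx_frames: int


def is_affected(firmware):
    """True when the leading x.y.z of the firmware string is below 8.8.3."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", firmware.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {firmware!r}")
    return tuple(int(p) for p in m.groups()) < FIXED_VERSION


def audit_disabled_ports(disabled, first, second):
    """Compare two post-reboot snapshots (port name -> PortSample).

    Returns {port: [reasons]} for each port the configuration marks as
    disabled but which has link or moved frames between the snapshots.
    """
    findings = {}
    for port in sorted(disabled):
        a, b = first.get(port), second.get(port)
        if a is None or b is None:
            findings[port] = ["no data, state unknown"]
            continue
        reasons = []
        if b.link_up:
            reasons.append("link is up")
        if b.rx_frames > a.rx_frames:
            reasons.append(f"received {b.rx_frames - a.rx_frames} frames")
        if b.tx_frames > a.tx_frames:
            reasons.append(f"sent {b.tx_frames - a.tx_frames} frames")
        if reasons:
            findings[port] = reasons
    return findings


# Constructed sample data: hypothetical ports LAN3 and LAN4 are disabled in the configuration.
DISABLED = {"LAN3", "LAN4"}
T0 = {"LAN1": PortSample(True, 100, 90), "LAN3": PortSample(True, 10, 4), "LAN4": PortSample(False, 0, 0)}
T1 = {"LAN1": PortSample(True, 400, 350), "LAN3": PortSample(True, 25, 4), "LAN4": PortSample(False, 0, 0)}

if __name__ == "__main__":
    for port, reasons in audit_disabled_ports(DISABLED, T0, T1).items():
        print(f"{port}: configured disabled but " + ", ".join(reasons))
```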
Mitigation
Instead of disabling switch ports by configuration, detach the network cables from the affected switch ports.
Solution
PHOENIX CONTACT recommends that all mGuard users upgrade to firmware version 8.8.3.
This vulnerability was discovered by SMST Designers & Constructors B.V.