Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2017-004
May 14, 2025, 2:28 PM

PHOENIX CONTACT: FL COMSERVER cross-site scripting (XSS) vulnerability

A cross-site scripting (XSS) vulnerability affects PHOENIX CONTACT FL COMSERVER products running firmware versions prior to 1.99, 2.20, or 2.40.
CVE-2017-16723
VDE-2017-003
May 14, 2025, 2:28 PM

PHOENIX CONTACT: WLAN enabled devices utilising WPA2 encryption

Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise …
CVE-2017-13077
CVE-2017-13080
CVE-2017-13078
VDE-2017-002
May 22, 2025, 3:03 PM

PHOENIX CONTACT: mGuard device manager (mdm) multiple vulnerabilities in Java SE

Multiple security issues and vulnerabilities in Oracle Java SE possibly affecting mGuard device manager (mdm / FL MGUARD DM) 1.8.0 and older.
CVE-2017-10102
CVE-2017-10116
CVE-2017-10078
CVE-2017-10176
CVE-2017-10118
CVE-2017-10115
CVE-2017-10198
CVE-2017-10135
CVE-2017-10108
CVE-2017-10053
VDE-2017-001
May 22, 2025, 3:03 PM

PHOENIX CONTACT: mGuard IKE daemon remote denial of service

Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon …
CVE-2013-6466