Phoenix Contact Clears mGuard Issue

Thursday, May 11, 2017 @ 06:05 PM gHale

Phoenix Contact GmbH released new firmware to mitigate resource exhaustion and improper authentication vulnerabilities in its mGuard network device, according to a report with ICS-CERT.

Phoenix Contact’s mGuard firmware versions 8.3.0 to 8.4.2 suffer from the remotely exploitable vulnerabilities that were self-reported.

Satel Iberia Fixes, Logger, Meter
Siemens Fix for Devices Using PROFINET DCP
Siemens Firmware Updates for PROFINET DCP
Siemens Updates SIMATIC Vulnerability

Successful exploitation of these vulnerabilities could allow an attacker to disrupt the availability of the device and gain unauthorized access to the device.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level would be able to leverage the vulnerabilities.

In the resource exhaustion issue, an attacker may compromise the device’s availability by performing multiple initial VPN requests.

CVE-2017-7935 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

In the improper authentication vulnerability, an attacker may be able to gain unauthorized access to the user firewall when RADIUS servers are unreachable.

CVE-2017-7937 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.0.

The product sees use mainly in the critical manufacturing sector. It sees action on a global basis.

Germany-based Phoenix Contact GmbH recommends users upgrade to firmware Version 8.5.0, or higher, to mitigate the vulnerabilities.

Leave a Reply

You must be logged in to post a comment.