VDE-2017-001
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2017-03-07 11:05 - Updated: 2025-05-22 13:03Summary
PHOENIX CONTACT: mGuard IKE daemon remote denial of service
Notes
Summary: Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
Impact: Specially crafted IKEv2 packets may force an IKE daemon restart and force a restart of all IPsec connections. There is no access to sensitive information or tunnel content possible by this attack.
Remediation: PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor's 'Downloads' page for each of the affected devices.
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
CWE-476 - NULL Pointer Dereference
Mitigation
PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor's 'Downloads' page for each of the affected devices.
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-3201 | — | ||
| Unresolved product id: CSAFPID-3202 | — | ||
| Unresolved product id: CSAFPID-3203 | — | ||
| Unresolved product id: CSAFPID-3204 | — | ||
| Unresolved product id: CSAFPID-3205 | — | ||
| Unresolved product id: CSAFPID-3206 | — | ||
| Unresolved product id: CSAFPID-3207 | — | ||
| Unresolved product id: CSAFPID-3208 | — | ||
| Unresolved product id: CSAFPID-3209 | — | ||
| Unresolved product id: CSAFPID-3210 | — | ||
| Unresolved product id: CSAFPID-3211 | — | ||
| Unresolved product id: CSAFPID-3212 | — | ||
| Unresolved product id: CSAFPID-3213 | — | ||
| Unresolved product id: CSAFPID-3214 | — | ||
| Unresolved product id: CSAFPID-3215 | — | ||
| Unresolved product id: CSAFPID-3216 | — | ||
| Unresolved product id: CSAFPID-3217 | — | ||
| Unresolved product id: CSAFPID-3218 | — | ||
| Unresolved product id: CSAFPID-3219 | — | ||
| Unresolved product id: CSAFPID-3220 | — | ||
| Unresolved product id: CSAFPID-3221 | — | ||
| Unresolved product id: CSAFPID-3222 | — | ||
| Unresolved product id: CSAFPID-3223 | — | ||
| Unresolved product id: CSAFPID-3224 | — |
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-3101 | — | ||
| Unresolved product id: CSAFPID-3102 | — | ||
| Unresolved product id: CSAFPID-3103 | — | ||
| Unresolved product id: CSAFPID-3104 | — | ||
| Unresolved product id: CSAFPID-3105 | — | ||
| Unresolved product id: CSAFPID-3106 | — | ||
| Unresolved product id: CSAFPID-3107 | — | ||
| Unresolved product id: CSAFPID-3108 | — | ||
| Unresolved product id: CSAFPID-3109 | — | ||
| Unresolved product id: CSAFPID-3110 | — | ||
| Unresolved product id: CSAFPID-3111 | — | ||
| Unresolved product id: CSAFPID-3112 | — | ||
| Unresolved product id: CSAFPID-3113 | — | ||
| Unresolved product id: CSAFPID-3114 | — | ||
| Unresolved product id: CSAFPID-3115 | — | ||
| Unresolved product id: CSAFPID-3116 | — | ||
| Unresolved product id: CSAFPID-3117 | — | ||
| Unresolved product id: CSAFPID-3118 | — | ||
| Unresolved product id: CSAFPID-3119 | — | ||
| Unresolved product id: CSAFPID-3120 | — | ||
| Unresolved product id: CSAFPID-3121 | — | ||
| Unresolved product id: CSAFPID-3122 | — | ||
| Unresolved product id: CSAFPID-3123 | — | ||
| Unresolved product id: CSAFPID-3124 | — |
References
4 references
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.",
"title": "Summary"
},
{
"category": "description",
"text": "Specially crafted IKEv2 packets may force an IKE daemon restart and force a restart of all IPsec connections. There is no access to sensitive information or tunnel content possible by this attack.",
"title": "Impact"
},
{
"category": "description",
"text": "PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor\u0027s \u0027Downloads\u0027 page for each of the affected devices.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "Phoenix Contact PSIRT",
"url": "https://www.phoenixcontact.com/de-de/service-und-support/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Phoenix Contact",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2017-001: PHOENIX CONTACT: mGuard IKE daemon remote denial of service - HTML",
"url": "https://certvde.com/en/advisories/VDE-2017-001/"
},
{
"category": "self",
"summary": "VDE-2017-001: PHOENIX CONTACT: mGuard IKE daemon remote denial of service - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2017/vde-2017-001.json"
}
],
"title": "PHOENIX CONTACT: mGuard IKE daemon remote denial of service",
"tracking": {
"aliases": [
"VDE-2017-001"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2024-10-29T13:54:48.293Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.13"
}
},
"id": "VDE-2017-001",
"initial_release_date": "2017-03-07T11:05:00.000Z",
"revision_history": [
{
"date": "2017-03-07T11:05:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-10-30T11:27:55.000Z",
"number": "2",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "3",
"summary": "Fix: version space, removed ia, quotation mark"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "FL MGUARD CENTERPORT",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD CENTERPORT",
"product_id": "CSAFPID-1101",
"product_identification_helper": {
"model_numbers": [
"2702547"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-1102",
"product_identification_helper": {
"model_numbers": [
"2700967"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD DELTA TX/TX VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-1103",
"product_identification_helper": {
"model_numbers": [
"2700968"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD GT/GT",
"product_id": "CSAFPID-1104",
"product_identification_helper": {
"model_numbers": [
"2700197"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD GT/GT VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-1105",
"product_identification_helper": {
"model_numbers": [
"2700198"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD PCI4000",
"product_id": "CSAFPID-1106",
"product_identification_helper": {
"model_numbers": [
"2701274"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCI4000 VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-1107",
"product_identification_helper": {
"model_numbers": [
"2701275"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD PCIE4000 VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-1108",
"product_identification_helper": {
"model_numbers": [
"2701278"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS",
"product_id": "CSAFPID-1109",
"product_identification_helper": {
"model_numbers": [
"2989310"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2000 TX/TX VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-1110",
"product_identification_helper": {
"model_numbers": [
"2700642"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS2005 TX VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-1111",
"product_identification_helper": {
"model_numbers": [
"2701875"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-1112",
"product_identification_helper": {
"model_numbers": [
"2700634"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX-P",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-1113",
"product_identification_helper": {
"model_numbers": [
"2702259"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-1114",
"product_identification_helper": {
"model_numbers": [
"2200515"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4000 TX/TX VPN-M",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN-M",
"product_id": "CSAFPID-1115",
"product_identification_helper": {
"model_numbers": [
"2702465"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-1116",
"product_identification_helper": {
"model_numbers": [
"2701876"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS4004 TX/DTX VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-1117",
"product_identification_helper": {
"model_numbers": [
"2701877"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD RS VPN ANALOG",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD RS VPN ANALOG",
"product_id": "CSAFPID-1118",
"product_identification_helper": {
"model_numbers": [
"2989718"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD SMART2",
"product_id": "CSAFPID-1119",
"product_identification_helper": {
"model_numbers": [
"2700640"
]
}
}
},
{
"category": "product_name",
"name": "FL MGUARD SMART2 VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-1120",
"product_identification_helper": {
"model_numbers": [
"2700639"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 3G VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-1121",
"product_identification_helper": {
"model_numbers": [
"2903441"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS2000 4G VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-1122",
"product_identification_helper": {
"model_numbers": [
"2903588"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 3G VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-1123",
"product_identification_helper": {
"model_numbers": [
"2903440"
]
}
}
},
{
"category": "product_name",
"name": "TC MGUARD RS4000 4G VPN",
"product": {
"name": "Phoenix Contact Hardware mGuard TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-1124",
"product_identification_helper": {
"model_numbers": [
"2903586"
]
}
}
}
],
"category": "product_family",
"name": "mGuard"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.5.2",
"product": {
"name": "Phoenix Contact Firmware mGuard 8.5.2",
"product_id": "CSAFPID-2201"
}
},
{
"category": "product_version_range",
"name": "8.0.0\u003c=8.5.1",
"product": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1",
"product_id": "CSAFPID-2101"
}
}
],
"category": "product_family",
"name": "mGuard"
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-3101",
"CSAFPID-3102",
"CSAFPID-3103",
"CSAFPID-3104",
"CSAFPID-3105",
"CSAFPID-3106",
"CSAFPID-3107",
"CSAFPID-3108",
"CSAFPID-3109",
"CSAFPID-3110",
"CSAFPID-3111",
"CSAFPID-3112",
"CSAFPID-3113",
"CSAFPID-3114",
"CSAFPID-3115",
"CSAFPID-3116",
"CSAFPID-3117",
"CSAFPID-3118",
"CSAFPID-3119",
"CSAFPID-3120",
"CSAFPID-3121",
"CSAFPID-3122",
"CSAFPID-3123",
"CSAFPID-3124"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-3201",
"CSAFPID-3202",
"CSAFPID-3203",
"CSAFPID-3204",
"CSAFPID-3205",
"CSAFPID-3206",
"CSAFPID-3207",
"CSAFPID-3208",
"CSAFPID-3209",
"CSAFPID-3210",
"CSAFPID-3211",
"CSAFPID-3212",
"CSAFPID-3213",
"CSAFPID-3214",
"CSAFPID-3215",
"CSAFPID-3216",
"CSAFPID-3217",
"CSAFPID-3218",
"CSAFPID-3219",
"CSAFPID-3220",
"CSAFPID-3221",
"CSAFPID-3222",
"CSAFPID-3223",
"CSAFPID-3224"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD CENTERPORT",
"product_id": "CSAFPID-3101"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1101"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-3102"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1102"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-3103"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1103"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD GT/GT",
"product_id": "CSAFPID-3104"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1104"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-3105"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1105"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD PCI4000",
"product_id": "CSAFPID-3106"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1106"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-3107"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1107"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-3108"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1108"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS",
"product_id": "CSAFPID-3109"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1109"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-3110"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1110"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-3111"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1111"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-3112"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1112"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-3113"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1113"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-3114"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1114"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN-M",
"product_id": "CSAFPID-3115"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1115"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-3116"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1116"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-3117"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1117"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD RS VPN ANALOG",
"product_id": "CSAFPID-3118"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1118"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD SMART2",
"product_id": "CSAFPID-3119"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1119"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-3120"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1120"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-3121"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1121"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-3122"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1122"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-3123"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1123"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.0.0\u003c=8.5.1 installed on Phoenix Contact Hardware mGuard TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-3124"
},
"product_reference": "CSAFPID-2101",
"relates_to_product_reference": "CSAFPID-1124"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD CENTERPORT",
"product_id": "CSAFPID-3201"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1101"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX",
"product_id": "CSAFPID-3202"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1102"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD DELTA TX/TX VPN",
"product_id": "CSAFPID-3203"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1103"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD GT/GT",
"product_id": "CSAFPID-3204"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1104"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD GT/GT VPN",
"product_id": "CSAFPID-3205"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1105"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD PCI4000",
"product_id": "CSAFPID-3206"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1106"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD PCI4000 VPN",
"product_id": "CSAFPID-3207"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1107"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD PCIE4000 VPN",
"product_id": "CSAFPID-3208"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1108"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS",
"product_id": "CSAFPID-3209"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1109"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS2000 TX/TX VPN",
"product_id": "CSAFPID-3210"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1110"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS2005 TX VPN",
"product_id": "CSAFPID-3211"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1111"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX",
"product_id": "CSAFPID-3212"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1112"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX-P",
"product_id": "CSAFPID-3213"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1113"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN",
"product_id": "CSAFPID-3214"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1114"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4000 TX/TX VPN-M",
"product_id": "CSAFPID-3215"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1115"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX",
"product_id": "CSAFPID-3216"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1116"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS4004 TX/DTX VPN",
"product_id": "CSAFPID-3217"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1117"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD RS VPN ANALOG",
"product_id": "CSAFPID-3218"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1118"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD SMART2",
"product_id": "CSAFPID-3219"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1119"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard FL MGUARD SMART2 VPN",
"product_id": "CSAFPID-3220"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1120"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard TC MGUARD RS2000 3G VPN",
"product_id": "CSAFPID-3221"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1121"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard TC MGUARD RS2000 4G VPN",
"product_id": "CSAFPID-3222"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1122"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard TC MGUARD RS4000 3G VPN",
"product_id": "CSAFPID-3223"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1123"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Phoenix Contact Firmware mGuard 8.5.2 installed on Phoenix Contact Hardware mGuard TC MGUARD RS4000 4G VPN",
"product_id": "CSAFPID-3224"
},
"product_reference": "CSAFPID-2201",
"relates_to_product_reference": "CSAFPID-1124"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-6466",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-3201",
"CSAFPID-3202",
"CSAFPID-3203",
"CSAFPID-3204",
"CSAFPID-3205",
"CSAFPID-3206",
"CSAFPID-3207",
"CSAFPID-3208",
"CSAFPID-3209",
"CSAFPID-3210",
"CSAFPID-3211",
"CSAFPID-3212",
"CSAFPID-3213",
"CSAFPID-3214",
"CSAFPID-3215",
"CSAFPID-3216",
"CSAFPID-3217",
"CSAFPID-3218",
"CSAFPID-3219",
"CSAFPID-3220",
"CSAFPID-3221",
"CSAFPID-3222",
"CSAFPID-3223",
"CSAFPID-3224"
],
"known_affected": [
"CSAFPID-3101",
"CSAFPID-3102",
"CSAFPID-3103",
"CSAFPID-3104",
"CSAFPID-3105",
"CSAFPID-3106",
"CSAFPID-3107",
"CSAFPID-3108",
"CSAFPID-3109",
"CSAFPID-3110",
"CSAFPID-3111",
"CSAFPID-3112",
"CSAFPID-3113",
"CSAFPID-3114",
"CSAFPID-3115",
"CSAFPID-3116",
"CSAFPID-3117",
"CSAFPID-3118",
"CSAFPID-3119",
"CSAFPID-3120",
"CSAFPID-3121",
"CSAFPID-3122",
"CSAFPID-3123",
"CSAFPID-3124"
]
},
"release_date": "2014-01-26T11:00:00.000Z",
"remediations": [
{
"category": "mitigation",
"details": "PHOENIX CONTACT and Innominate recommend all customers running mGuard devices with affected firmware versions to update to firmware version 8.5.2 or higher, which fixes this vulnerability. Updates can be found on the vendor\u0027s \u0027Downloads\u0027 page for each of the affected devices.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5,
"confidentialityImpact": "NONE",
"environmentalScore": 5,
"integrityImpact": "NONE",
"temporalScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-3101",
"CSAFPID-3102",
"CSAFPID-3103",
"CSAFPID-3104",
"CSAFPID-3105",
"CSAFPID-3106",
"CSAFPID-3107",
"CSAFPID-3108",
"CSAFPID-3109",
"CSAFPID-3110",
"CSAFPID-3111",
"CSAFPID-3112",
"CSAFPID-3113",
"CSAFPID-3114",
"CSAFPID-3115",
"CSAFPID-3116",
"CSAFPID-3117",
"CSAFPID-3118",
"CSAFPID-3119",
"CSAFPID-3120",
"CSAFPID-3121",
"CSAFPID-3122",
"CSAFPID-3123",
"CSAFPID-3124"
]
},
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 0,
"confidentialityImpact": "NONE",
"environmentalScore": 0,
"integrityImpact": "NONE",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-3201",
"CSAFPID-3202",
"CSAFPID-3203",
"CSAFPID-3204",
"CSAFPID-3205",
"CSAFPID-3206",
"CSAFPID-3207",
"CSAFPID-3208",
"CSAFPID-3209",
"CSAFPID-3210",
"CSAFPID-3211",
"CSAFPID-3212",
"CSAFPID-3213",
"CSAFPID-3214",
"CSAFPID-3215",
"CSAFPID-3216",
"CSAFPID-3217",
"CSAFPID-3218",
"CSAFPID-3219",
"CSAFPID-3220",
"CSAFPID-3221",
"CSAFPID-3222",
"CSAFPID-3223",
"CSAFPID-3224"
]
}
],
"title": "CVE-2013-6466"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…