SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-395752753] PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-09-07OtherPHOENIX CONTACTPHOENIX CONTACT has reported this vulnerability via CERT@VDE to ICS-CERT. N/ACVE-2013-6466 N/AN/AN/A

Source

						
							
								
#
# PHOENIX CONTACT, Innominate Security Technologies mGuard Firmware
#


### VULNERABLE VENDOR
PHOENIX CONTACT


### VULNERABLE PRODUCT
mGuard firmware



### RESEARCHER
PHOENIX CONTACT has reported this vulnerability via CERT@VDE to ICS-CERT.



### AFFECTED PRODUCTS

The following versions of mGuard firmware versions 8.0.0 to 8.5.1, running on these mGuard Network Security Appliances, are affected:

FL MGUARD RS4000 TX/TX VPN,
FL MGUARD GT/GT,
FL MGUARD GT/GT VPN,
FL MGUARD RS4000 TX/TX,
FL MGUARD SMART2 VPN,
FL MGUARD SMART2,
FL MGUARD RS2000 TX/TX VPN,
FL MGUARD DELTA TX/TX,
FL MGUARD DELTA TX/TX VPN,
FL MGUARD PCI4000,
FL MGUARD PCI4000 VPN,
FL MGUARD PCIE4000 VPN,
FL MGUARD RS2005 TX VPN,
FL MGUARD RS4004 TX/DTX,
FL MGUARD RS4004 TX/DTX VPN,
FL MGUARD RS4000 TX/TX-P,
FL MGUARD RS4000 TX/TX VPN-M,
FL MGUARD CENTERPORT,
FL MGUARD RS,
FL MGUARD RS VPN ANALOG,
TC MGUARD RS2000 3G VPN,
TC MGUARD RS4000 3G VPN,
TC MGUARD RS2000 4G VPN, and
TC MGUARD RS4000 4G VPN.



### IMPACT

Successful exploitation of this vulnerability could allow attackers to cause a remote denial of service and force a restart of all IPSec connections.



### VULNERABILITY OVERVIEW

NULL POINTER DEREFERENCE CWE-476
Openswan 2.6.39 and earlier, which is used in the mGuard firmware version 8.0.0 to 8.5.1, allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
CVE-2013-6466 has been assigned to this vulnerability.
A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)





### BACKGROUND

Critical Infrastructure Sectors: Communications, Critical Manufacturing, Information Technology
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany




### MITIGATION

PHOENIX CONTACT and Innominate Security Technologies recommend all users running mGuard devices with affected firmware versions to update to firmware Version 8.5.2 or higher, which fixes this vulnerability. Links to updates and additional information can be found in the CERT@VDE advisory at the following location:

https://cert.vde.com/de-de/advisories/vde-2017-001