SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-473462102] Phoenix Contact mGuard

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-01-17OtherPhoenix ContactThis vulnerability was discovered by Phoenix Contact. N/ACVE-2017-5159 N/AN/AN/A

Source

						
							
								
#
# Phoenix Contact mGuard
#


### VULNERABLE VENDOR
Phoenix Contact


### VULNERABLE PRODUCT
mGuard



### RESEARCHER



### AFFECTED PRODUCTS

Phoenix Contact reports that the vulnerability affects the following mGuard products:

Only devices that have been updated to Version 8.4.0 are affected.



### IMPACT

This vulnerability could allow an attacker to log into the system with administrative privileges.



### VULNERABILITY OVERVIEW

RESOURCE INJECTION CWE-99
When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default value.
CVE-2017-5159 has been assigned to this vulnerability.
A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)





### BACKGROUND



### MITIGATION

Phoenix Contact recommends users update to Version 8.4.1 (or higher, if applicable). If an update to Version 8.4.0 already has been performed, please change the "admin" password via WebUI or command line. If SSH or HTTPS access was possible from untrusted sources after an update to Version 8.4.0, please flash the device and exchange all private keys and passphrases in the configuration.

To view the advisory published by Phoenix Contact, navigate to the product page on www.phoenixcontact.com


and then find the document in the "various" section of the product download page.