CVE-2017-7937

MEDIUM

Phoenix Contact Gmbh Mguard Firmware - Authentication Bypass

Title source: rule

Description

An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to gain unauthorized access to the user firewall when RADIUS servers are unreachable.

References (1)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-131-01

Scores

CVSS v3 4.0

EPSS 0.0015

EPSS Percentile 35.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

Details

CWE

CWE-287

Status published

Products (7)

phoenix_contact_gmbh/mguard_firmware

n/a/Phoenix Contact GmbH mGuard < Phoenix Contact GmbH mGuard

Published May 19, 2017

Tracked Since Feb 18, 2026