CVE-2021-34598
HIGHPhoenix Contact FL MGUARD 1102 and 1105 1.4.0-1.5.0 - Use-After-Free in Remote Logging
Title source: llmDescription
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
References (1)
Core 1
Core References
Third Party Advisory x_refsource_confirm
https://cert.vde.com/en/advisories/VDE-2021-046/
Scores
CVSS v3
7.5
EPSS
0.0090
EPSS Percentile
55.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (6)
phoenixcontact/fl_mguard_1102_firmware
1.4.0
phoenixcontact/fl_mguard_1102_firmware
1.4.1
phoenixcontact/fl_mguard_1102_firmware
1.5.0
phoenixcontact/fl_mguard_1105_firmware
1.4.0
phoenixcontact/fl_mguard_1105_firmware
1.4.1
phoenixcontact/fl_mguard_1105_firmware
1.5.0
Published
Nov 10, 2021
Tracked Since
Feb 18, 2026