CVE-2023-2673

MEDIUM

PHOENIX CONTACT FL/TC MGUARD - DoS

Title source: llm

Description

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

References (1)

[Mitigation, Third Party Advisory] https://cert.vde.com/en/advisories/VDE-2023-010/

Scores

CVSS v3 5.3

EPSS 0.0002

EPSS Percentile 6.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-1287

Status published

Affected Products (26)

phoenixcontact/fl_mguard_2102_firmware < 10.1.1

phoenixcontact/fl_mguard_4102_pci_firmware < 10.1.1

phoenixcontact/fl_mguard_4102_pcie_firmware < 10.1.1

phoenixcontact/fl_mguard_4302_firmware < 10.1.1

phoenixcontact/fl_mguard_centerport_firmware < 8.9.0

phoenixcontact/fl_mguard_centerport_vpn-1000_firmware < 8.9.0

phoenixcontact/fl_mguard_core_tx_firmware < 8.9.0

phoenixcontact/fl_mguard_core_tx_vpn_firmware < 8.9.0

phoenixcontact/fl_mguard_delta_tx\/tx_firmware < 8.9.0

phoenixcontact/fl_mguard_delta_tx\/tx_vpn_firmware < 8.9.0

phoenixcontact/fl_mguard_gt\/gt_firmware < 8.9.0

phoenixcontact/fl_mguard_gt\/gt_vpn_firmware < 8.9.0

phoenixcontact/fl_mguard_pci4000_firmware < 8.9.0

phoenixcontact/fl_mguard_pci4000_vpn_firmware < 8.9.0

phoenixcontact/fl_mguard_pcie4000_firmware < 8.9.0

... and 11 more

Timeline

Published Jun 13, 2023

Tracked Since Feb 18, 2026