CVE-2023-2673

MEDIUM

PHOENIX CONTACT FL/TC MGUARD - DoS

Title source: llm

Description

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

References (1)

[Mitigation, Third Party Advisory] https://cert.vde.com/en/advisories/VDE-2023-010/

Scores

CVSS v3 5.3

EPSS 0.0003

EPSS Percentile 6.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1287

Status published

Products (26)

phoenixcontact/fl_mguard_2102_firmware < 10.1.1

phoenixcontact/fl_mguard_4102_pci_firmware < 10.1.1

phoenixcontact/fl_mguard_4102_pcie_firmware < 10.1.1

phoenixcontact/fl_mguard_4302_firmware < 10.1.1

phoenixcontact/fl_mguard_centerport_firmware < 8.9.0

phoenixcontact/fl_mguard_centerport_vpn-1000_firmware < 8.9.0

phoenixcontact/fl_mguard_core_tx_firmware < 8.9.0

phoenixcontact/fl_mguard_core_tx_vpn_firmware < 8.9.0

phoenixcontact/fl_mguard_delta_tx\/tx_firmware < 8.9.0

phoenixcontact/fl_mguard_delta_tx\/tx_vpn_firmware < 8.9.0

... and 16 more

Published Jun 13, 2023

Tracked Since Feb 18, 2026