CVE-2023-2673
MEDIUMPHOENIX CONTACT FL/TC MGUARD Family - UDP Packet Filter Bypass via Improper Input Validation
Title source: llmDescription
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2023-010/
Scores
CVSS v3
5.3
EPSS
0.0062
EPSS Percentile
44.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-1287
Status
published
Products (26)
phoenixcontact/fl_mguard_2102_firmware
< 10.1.1
phoenixcontact/fl_mguard_4102_pci_firmware
< 10.1.1
phoenixcontact/fl_mguard_4102_pcie_firmware
< 10.1.1
phoenixcontact/fl_mguard_4302_firmware
< 10.1.1
phoenixcontact/fl_mguard_centerport_firmware
< 8.9.0
phoenixcontact/fl_mguard_centerport_vpn-1000_firmware
< 8.9.0
phoenixcontact/fl_mguard_core_tx_firmware
< 8.9.0
phoenixcontact/fl_mguard_core_tx_vpn_firmware
< 8.9.0
phoenixcontact/fl_mguard_delta_tx\/tx_firmware
< 8.9.0
phoenixcontact/fl_mguard_delta_tx\/tx_vpn_firmware
< 8.9.0
... and 16 more
Published
Jun 13, 2023
Tracked Since
Feb 18, 2026