CVE-2024-43384
HIGHPhoenix Contact: Improper removal of sensitive information in MGUARD products
Title source: cnaDescription
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
References (1)
Core 1
Core References
Scores
CVSS v3
8.0
EPSS
0.0034
EPSS Percentile
25.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-212
Status
published
Products (50)
PHOENIX CONTACT/FL MGUARD 2102
< 10.4.1
PHOENIX CONTACT/FL MGUARD 2105
< 10.4.1
PHOENIX CONTACT/FL MGUARD 4102 PCI
< 10.4.1
PHOENIX CONTACT/FL MGUARD 4102 PCIE
< 10.4.1
PHOENIX CONTACT/FL MGUARD 4302
< 10.4.1
PHOENIX CONTACT/FL MGUARD 4305
< 10.4.1
PHOENIX CONTACT/FL MGUARD CENTERPORT VPN-1000
< 8.9.3
PHOENIX CONTACT/FL MGUARD CORE TX
< 8.9.3
PHOENIX CONTACT/FL MGUARD CORE TX VPN
< 8.9.3
PHOENIX CONTACT/FL MGUARD DELTA TX/TX
< 8.9.3
... and 40 more
Published
May 07, 2026
Tracked Since
May 07, 2026