CVE-2023-2673 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CERTVDE	CNA	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Vendor	Product	Version
phoenixcontact	fl_mguard_2102_firmware	𝑥 ≤ 10.1.1
phoenixcontact	fl_mguard_4102_pci_firmware	𝑥 ≤ 10.1.1
phoenixcontact	fl_mguard_4102_pcie_firmware	𝑥 ≤ 10.1.1
phoenixcontact	fl_mguard_4302_firmware	𝑥 ≤ 10.1.1
phoenixcontact	fl_mguard_centerport_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_centerport_vpn-1000_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_core_tx_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_core_tx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_delta_tx\/tx_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_delta_tx\/tx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_gt\/gt_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_gt\/gt_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_pci4000_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_pci4000_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_pcie4000_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_pcie4000_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs2000_tx\/tx-b_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs2000_tx\/tx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs2005_tx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs4000_tx\/tx-m_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs4000_tx\/tx-p_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs4000_tx\/tx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs4004_tx\/dtx_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_rs4004_tx\/dtx_vpn_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_smart2_firmware	𝑥 ≤ 8.9.0
phoenixcontact	fl_mguard_smart2_vpn_firmware	𝑥 ≤ 8.9.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1287 - Improper Validation of Specified Type of Input
The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

References

https://cert.vde.com/en/advisories/VDE-2023-010/