CVE-2018-5441

Published Jan 30, 2018
Last updated 5 years ago
CVSS high 7.8
Overview

Description: An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages.
Source: ics-cert@hq.dhs.gov
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-20
ics-cert@hq.dhs.gov: CWE-354
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_centerport_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6005AE8C-7CB3-41FA-9ECB-9C9037B48893",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_centerport:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "324613AE-C9FA-47FA-8FB1-E76134C7CBED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_delta_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8A6BEE0-43D0-4A12-9C3A-116984C4DEB4",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_delta_tx\\/tx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "59B2643C-0EC5-4AD5-B535-C2222E7AE406"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_delta_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D71D1E8-F9B2-44C9-B15A-0C42C18F25A7",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_delta_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B6CE71E-5CDF-45F6-AD09-B03A750250C2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_gt\\/gt_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0D32CBD-BF58-4CC6-A325-A7A3508D8656",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_gt\\/gt:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C1E4D97-BCEC-4F1D-8B40-B24B1ECA439E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_gt\\/gt_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "718DC9CE-3519-4733-801C-17A882185CAF",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_gt\\/gt_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "92A92F7A-EE80-4323-825C-27E9089CA633"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_pci4000_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "797F0C72-8189-4EC5-BBF0-07E266446AA7",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_pci4000_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8220FE6A-E74D-4FFC-82BA-22F3016F146C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_pcie4000_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C60E7710-91B8-4B15-A16B-9F6668195F85",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_pcie4000_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5A3F679-0067-471F-B46B-CDB16089E93C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs2000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EE290F1-F7D4-46D1-AE4F-377BC5D212D9",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs2000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5DDD6DBE-D9B1-415D-8284-1BE8D786ED24"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs2000_tx\\/tx-b_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3985BB8B-EB08-47EE-B34D-1FA86B4411F5",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs2000_tx\\/tx-b:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F50ABE1-5FAB-426C-8F16-95A9E52FFBC8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs2005_tx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60530BD0-E190-4C01-92BB-12F048C46758",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs2005_tx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F31A6108-2E06-43F7-AB8A-4D1A76D8ADEF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_tx\\/tx_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C67B81A-CE29-43B4-994E-ED4AF3C14457",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_tx\\/tx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDB26D7E-DE57-486E-965A-7B018B9ED58B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_tx\\/tx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ED72FD3-7A3B-4102-9B96-465EBEF93914",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_tx\\/tx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5193E597-3C65-49F6-BBE2-C164F89AB188"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_tx\\/tx_vpn-m_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F541618-C97E-4DA2-AB39-7AEE81D00574",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_tx\\/tx_vpn-m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4566E57B-1E44-425E-8D88-36C1201A9E5C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_tx\\/tx-p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D226957-05AF-4DDA-8C8D-CC2E956196EF",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_tx\\/tx-p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A3E45AC-5FD2-457E-A004-6C07CEDAD306"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4004_tx\\/dtx_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "041DD89B-AF3A-4EE7-B3DC-0DA007262ECC",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4004_tx\\/dtx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0EFE74BB-0167-4484-AE87-F17A55829844"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4004_tx\\/dtx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "038962DC-3D92-44B7-A003-38B34E0ACB94",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4004_tx\\/dtx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4473C338-9A25-4FD5-8736-4072D0FA265E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_smart2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9C65B2C-DCDF-4822-B2EC-0ACE339FB821",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_smart2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B2EDFA2-FE87-4B6E-8380-AD6F66A3EA09"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_smart2_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "065D3E69-85D2-4193-9F45-6AEF09B9AA99",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_smart2_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E2799FB2-FA17-4C7F-91B7-F6A06055E657"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs2000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DA40CB1-6FDB-47C2-BA72-69B9C90B3797",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs2000_3g_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02D3A13E-0C0D-4073-AE22-5D96F43B3B81"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_3g_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "392CB8FC-CCBD-48D4-97D8-8B532864BBFF",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_3g_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2DA558DA-2590-42B0-BFE8-BCC590B6E9AC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_core_tx_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CE9BBFB-FA4D-4368-978A-974784B05884",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_core_tx_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5F4B73EB-D000-4BD9-BEA2-AAC6A01600FE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs2000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F21C1837-5C64-43E6-AEDC-29B6D44C4EEA",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs2000_4g_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E805FC49-F621-4552-B5F7-BEF2C9CE4CEC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:mguard_rs4000_4g_vpn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3125CAB7-ECEA-4FB7-9B2A-F2C25F29EE03",
            "versionEndIncluding": "8.6.0",
            "versionStartIncluding": "7.2.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:mguard_rs4000_4g_vpn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34CB4439-3EEA-40A1-A2AE-3594A8DB7AA3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
