CVE-2024-43385
high-risk
Published 2024-09-10
A low-privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable PROXY_HTTP_PORT in mGuard devices.
Do I need to act?
EPSS score: 2.5% chance of exploitation in next 30 days (moderate exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 8.8/10 (High): NETWORK / LOW complexity
Affected Products (20)
Tc Mguard Rs2000 3G Vpn Firmware
Fl Mguard Smart2 Vpn Firmware
Fl Mguard Smart2 Firmware
Fl Mguard Rs4004 Tx/Dtx Vpn Firmware
Fl Mguard Rs4004 Tx/Dtx Firmware
Fl Mguard Rs4000 Tx/Tx Vpn Firmware
Fl Mguard Rs4000 Tx/Tx-P Firmware
Fl Mguard Rs4000 Tx/Tx-M Firmware
Fl Mguard Rs4000 Tx/Tx Firmware
Fl Mguard Rs2005 Tx Vpn Firmware
Fl Mguard Rs2000 Tx/Tx Vpn Firmware
Fl Mguard Rs2000 Tx/Tx-B Firmware
Fl Mguard Pcie4000 Vpn Firmware
Fl Mguard Pcie4000 Firmware
Fl Mguard Pci4000 Vpn Firmware
Fl Mguard Pci4000 Firmware
Fl Mguard Gt/Gt Vpn Firmware
Fl Mguard Gt/Gt Firmware
Fl Mguard Delta Tx/Tx Vpn Firmware
Fl Mguard Delta Tx/Tx Firmware
Affected Vendors
References (1)
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2024-039
59 / 100 (high-risk)
Severity: 30/34 · Critical
Exploitability: 6/34 · Minimal
Exposure: 23/34 · High