Multiple vulnerabilities in PHOENIX CONTACT mGuard Device Manager

1) Remote code execution

EUVDB-ID: #VU8089

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-10102

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code.

The weakness exists due to unknown error. A remote attacker can trick the victim into visiting a specially crafted website, execute arbitrary code with elevated privileges and take full control over the system.

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Remote code execution

EUVDB-ID: #VU8082

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-10116

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary code.

The weakness exists due to unknown error. A remote attacker can trick the victim into visiting a specially crafted website, execute arbitrary code with elevated privileges and take full control over the system.

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Security restrictions bypass

EUVDB-ID: #VU8095

Risk: Low

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10078

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to unknown error. A remote attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and disclose and modify important data on the system.

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU8083

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10115

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unknown error. A remote attacker can disclose important data on the target system

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU8534

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10118

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unknown error. A remote attacker can disclose important data on the target system

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU8535

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10176

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unknown error. A remote attacker can disclose important data on the target system

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Information disclosure

EUVDB-ID: #VU8536

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10198

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unknown error. A remote attacker can use multiple protocols to disclose important data on the target system

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU8537

Risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10135

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to unknown error. A remote attacker can disclose important data on the target system

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Denial of service

EUVDB-ID: #VU8097

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10053

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to unknown error. A remote attacker can cause the application to crash.

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Denial of service

EUVDB-ID: #VU8086

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-10108

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to unknown error. A remote attacker can cause the application to crash.

Mitigation

Update to version 1.8.0.1.

Vulnerable software versions

mGuard Device Manager: 1.5.2.1 - 1.8.0.1

CPE2.3

External links

https://ics-cert.us-cert.gov/advisories/ICSA-17-262-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Risk	High
Patch available	YES
Number of vulnerabilities	10
CVE-ID	CVE-2017-10102 CVE-2017-10116 CVE-2017-10078 CVE-2017-10115 CVE-2017-10118 CVE-2017-10176 CVE-2017-10198 CVE-2017-10135 CVE-2017-10053 CVE-2017-10108
CWE-ID	CWE-264 CWE-200
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	mGuard Device Manager Hardware solutions / Firmware
Vendor	Phoenix Contact GmbH