CVE-2023-2673

PHOENIX CONTACT: FL/TC MGUARD prone to Improper Input Validation

Description

Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks.

Category

5.3
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Third-Party Advisory vde.com
Affected: PHOENIX CONTACT FL MGUARD 2102
Affected: PHOENIX CONTACT FL MGUARD 4102 PCI
Affected: PHOENIX CONTACT FL MGUARD 4102 PCIE
Affected: PHOENIX CONTACT FL MGUARD 4302
Affected: PHOENIX CONTACT FL MGUARD CENTERPORT
Affected: PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000
Affected: PHOENIX CONTACT FL MGUARD CORE TX
Affected: PHOENIX CONTACT FL MGUARD CORE TX VPN
Affected: PHOENIX CONTACT FL MGUARD DELTA TX/TX
Affected: PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD GT/GT
Affected: PHOENIX CONTACT FL MGUARD GT/GT VPN
Affected: PHOENIX CONTACT FL MGUARD PCI4000
Affected: PHOENIX CONTACT FL MGUARD PCI4000 VPN
Affected: PHOENIX CONTACT FL MGUARD PCIE4000
Affected: PHOENIX CONTACT FL MGUARD PCIE4000 VPN
Affected: PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B
Affected: PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS2005 TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN
Affected: PHOENIX CONTACT FL MGUARD RS4004 TX/DTX
Affected: PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN
Affected: PHOENIX CONTACT FL MGUARD SMART2
Affected: PHOENIX CONTACT FL MGUARD SMART2 VPN
Published at:
Updated at:

References

Link Tags
https://cert.vde.com/en/advisories/VDE-2023-010/ mitigation third party advisory

Frequently Asked Questions

What is the severity of CVE-2023-2673?
CVE-2023-2673 has been scored as a medium severity vulnerability.
How to fix CVE-2023-2673?
To fix CVE-2023-2673, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-2673 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-2673 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-2673?
CVE-2023-2673 affects PHOENIX CONTACT FL MGUARD 2102, PHOENIX CONTACT FL MGUARD 4102 PCI, PHOENIX CONTACT FL MGUARD 4102 PCIE, PHOENIX CONTACT FL MGUARD 4302, PHOENIX CONTACT FL MGUARD CENTERPORT, PHOENIX CONTACT FL MGUARD CENTERPORT VPN-1000, PHOENIX CONTACT FL MGUARD CORE TX, PHOENIX CONTACT FL MGUARD CORE TX VPN, PHOENIX CONTACT FL MGUARD DELTA TX/TX, PHOENIX CONTACT FL MGUARD DELTA TX/TX VPN, PHOENIX CONTACT FL MGUARD GT/GT, PHOENIX CONTACT FL MGUARD GT/GT VPN, PHOENIX CONTACT FL MGUARD PCI4000, PHOENIX CONTACT FL MGUARD PCI4000 VPN, PHOENIX CONTACT FL MGUARD PCIE4000, PHOENIX CONTACT FL MGUARD PCIE4000 VPN, PHOENIX CONTACT FL MGUARD RS2000 TX/TX-B, PHOENIX CONTACT FL MGUARD RS2000 TX/TX VPN, PHOENIX CONTACT FL MGUARD RS2005 TX VPN, PHOENIX CONTACT FL MGUARD RS4000 TX/TX-M, PHOENIX CONTACT FL MGUARD RS4000 TX/TX-P, PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN, PHOENIX CONTACT FL MGUARD RS4000 TX/TX VPN, PHOENIX CONTACT FL MGUARD RS4004 TX/DTX, PHOENIX CONTACT FL MGUARD RS4004 TX/DTX VPN, PHOENIX CONTACT FL MGUARD SMART2, PHOENIX CONTACT FL MGUARD SMART2 VPN.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.