CVE-2018-5441
N/A
N/A
Summary
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | PHOENIX CONTACT mGuard | PHOENIX CONTACT mGuard | affected |
Weaknesses
- CWE-354: CWE-354
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/102907
- https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01
- https://cert.vde.com/en-us/advisories/vde-2018-001
References
- http://www.securityfocus.com/bid/102907
- https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01
- https://cert.vde.com/en-us/advisories/vde-2018-001
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.