CVE-2017-5159 - An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. W

CVE-2017-5159

Summary

An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default value.

References

Vulnerable Configurations

cpe:2.3:o:phoenixcontact:mguard_firmware:8.4.0:*:*:*:*:*:*:*
cpe:2.3:o:phoenixcontact:mguard_firmware:8.4.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 31-08-2021 - 19:43)
Impact:
Exploitability:

CWE

CWE-99

CAPEC

Buffer Overflow via Environment Variables
This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
Manipulating Writeable Configuration Files
Generally these are manually edited files that are not in the preview of the system administrators, any ability on the attackers' behalf to modify these files, for example in a CVS repository, gives unauthorized access directly to the application, the same as authorized users.
Resource Injection
An adversary exploits weaknesses in input validation by manipulating resource identifiers enabling the unintended modification or specification of a resource.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	95648
misc	https://ics-cert.us-cert.gov/advisories/ICSA-17-017-01

Last major update

31-08-2021 - 19:43

Published

13-02-2017 - 21:59

Last modified

31-08-2021 - 19:43