Vulnerability classification has been performed using the CVSS v3.1 scoring system. In these cases, we will provide you with the relevant information, e.g. in this security advisory. If you fail to install a security update provided to you within a reasonable period of time, we will not be liable for any product defect solely due to the absence of such security update.Īlternatively, we are entitled to directly download and/or install security updates regardless of your settings. It is your responsibility to download and/or install any security updates provided by us, for example to maintain product or data security. With respect to Directive (EU) 2019/770 and Directive (EU) 2019/771 and their national transposition laws, please note: CWE-770 Allocation of Resources Without Limits or Throttling.Configuring firewall limits for incoming connections cannot prevent the issue. Vulnerability Details CVE-2022-3480ĬVE description: A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. Temporary Fix / Mitigationĭon’t allow access to the HTTPS management interface from untrusted networks. We strongly recommend all affected users to upgrade to this or a later version. The vulnerability is fixed in firmware version 8.9.0. Solution and Mitigations Update to the latest released version Equipped with the respective VPN licenses, the mGuard rs4000 functions as a remote maintenance infrastructure for the secure connection of machines and plants. To ensure software-independent remote maintenance scenarios, the mGuard rs4000 can be used as a VPN gateway for IPsec-encrypted VPN tunnels. Production installations can only be reliably protected through decentralized end-point security from sabotage and resulting production downtimes. The mGuard rs4000 is very well-suited for the decentralized protection of production cells or individual machines against manipulations. The new mGuard factory line offers high-end industrial security in the form of an extremely powerful and fail-safe product portfolio, which is also ideal for sophisticated high-availability scenarios and complex security architectures. Due to its front-side configuration memory (SD card), the mGuard rs4000 can be quickly and easily put into operation, updated and exchanged.Īs successor to the industry standard mGuard industrial rs, the mGuard rs4000 is comparable to this model not only in its space requirements on DIN rails, but also in its functionality. The new fanless industrial security router generation mGuard rs4000 from Innominate's factory line convinces through reliable security and performance in a compact, DIN rail-mountable industrial metal casing.
0 Comments
Leave a Reply. |