CVE-2017-5159 Information
Feb 14, 2021
cve
Description
An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility the update will succeed but it will reset the password of the admin user to its default value.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/95648 https://ics-cert.us-cert.gov/advisories/ICSA-17-017-01
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8
Share on: