CVE & CISA-KEV Catalog

CVE-2020-12523

MEDIUM
5.4
CVSS v3
NVD

Description

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource

How to fix

Remediation Available
fl mguard rs4004 tx\/dtx firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
fl mguard rs4004 tx\/dtx vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
innominate mguard rs4000 4tx\/3g\/tx vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
innominate mguard rs4000 4tx\/tx firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
innominate mguard rs4000 4tx\/tx vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
tc mguard rs4000 4g att vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
tc mguard rs4000 4g vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD
tc mguard rs4000 4g vzw vpn firmwareNVD
Affected:< 8.8.3Fixed in:8.8.3CVE-2020-12523derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged

Impact

ConfidentialityLow
IntegrityNone
AvailabilityLow

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

Exploit Intelligence

0.89%probability of exploitation in 30 days
55thpercentile

Moderate risk: more likely to be exploited than 55% of all known CVEs.

References

Third-Party Advisory1
Embed a live status badge for CVE-2020-12523
CVE-2020-12523 severity badge

Markdown

[![CVE-2020-12523](https://tridentstack.com/cve/badge/CVE-2020-12523.svg)](https://tridentstack.com/cve/CVE-2020-12523)

HTML

<a href="https://tridentstack.com/cve/CVE-2020-12523"><img src="https://tridentstack.com/cve/badge/CVE-2020-12523.svg" alt="CVE-2020-12523"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.