SecuriTricks - CVE-2024-7734

Description

An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. The impact is limited to blocking of valid IPsec VPN peers.

Product(s) Impacted

Vendor	Product	Versions
Phoenixcontact	Tc Mguard Rs4000 4g Vzw Vpn Firmware Tc Mguard Rs4000 4g Vzw Vpn Tc Mguard Rs4000 4g Vpn Firmware Tc Mguard Rs4000 4g Vpn Tc Mguard Rs4000 4g Att Vpn Firmware Tc Mguard Rs4000 4g Att Vpn Tc Mguard Rs4000 3g Vpn Firmware Tc Mguard Rs4000 3g Vpn Tc Mguard Rs2000 4g Vzw Vpn Firmware Tc Mguard Rs2000 4g Vzw Vpn Tc Mguard Rs2000 4g Vpn Firmware Tc Mguard Rs2000 4g Vpn Tc Mguard Rs2000 4g Att Vpn Firmware Tc Mguard Rs2000 4g Att Vpn Tc Mguard Rs2000 3g Vpn Firmware Tc Mguard Rs2000 3g Vpn Fl Mguard Smart2 Vpn Firmware Fl Mguard Smart2 Vpn Fl Mguard Smart2 Firmware Fl Mguard Smart2 Fl Mguard Rs4004 Tx\/dtx Vpn Firmware Fl Mguard Rs4004 Tx\/dtx Vpn Fl Mguard Rs4004 Tx\/dtx Firmware Fl Mguard Rs4004 Tx\/dtx Fl Mguard Rs4000 Tx\/tx Vpn Firmware Fl Mguard Rs4000 Tx\/tx Vpn Fl Mguard Rs4000 Tx\/tx-p Firmware Fl Mguard Rs4000 Tx\/tx-p Fl Mguard Rs4000 Tx\/tx-m Firmware Fl Mguard Rs4000 Tx\/tx-m Fl Mguard Rs4000 Tx\/tx Firmware Fl Mguard Rs4000 Tx\/tx Fl Mguard Rs2005 Tx Vpn Firmware Fl Mguard Rs2005 Tx Vpn Fl Mguard Rs2000 Tx\/tx Vpn Firmware Fl Mguard Rs2000 Tx\/tx Vpn Fl Mguard Rs2000 Tx\/tx-b Firmware Fl Mguard Rs2000 Tx\/tx-b Fl Mguard Pcie4000 Vpn Firmware Fl Mguard Pcie4000 Vpn Fl Mguard Pcie4000 Firmware Fl Mguard Pcie4000 Fl Mguard Pci4000 Vpn Firmware Fl Mguard Pci4000 Vpn Fl Mguard Pci4000 Firmware Fl Mguard Pci4000 Fl Mguard Gt\/gt Vpn Firmware Fl Mguard Gt\/gt Vpn Fl Mguard Gt\/gt Firmware Fl Mguard Gt\/gt Fl Mguard Delta Tx\/tx Vpn Firmware Fl Mguard Delta Tx\/tx Vpn Fl Mguard Delta Tx\/tx Firmware Fl Mguard Delta Tx\/tx Fl Mguard Core Tx Vpn Firmware Fl Mguard Core Tx Vpn Fl Mguard Core Tx Firmware Fl Mguard Core Tx Fl Mguard Centerport Vpn-1000 Firmware Fl Mguard Centerport Vpn-1000 Fl Mguard 4305 Firmware Fl Mguard 4305 Fl Mguard 4302 Firmware Fl Mguard 4302 Fl Mguard 4102 Pcie Firmware Fl Mguard 4102 Pcie Fl Mguard 4102 Pci Firmware Fl Mguard 4102 Pci Fl Mguard 2105 Firmware Fl Mguard 2105 Fl Mguard 2102 Firmware Fl Mguard 2102	* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * -

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	phoenixcontact	tc_mguard_rs4000_4g_vzw_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs4000_4g_vzw_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs4000_4g_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs4000_4g_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs4000_4g_att_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs4000_4g_att_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs4000_3g_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs4000_3g_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs2000_4g_vzw_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs2000_4g_vzw_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs2000_4g_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs2000_4g_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs2000_4g_att_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs2000_4g_att_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	tc_mguard_rs2000_3g_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	tc_mguard_rs2000_3g_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_smart2_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_smart2_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_smart2_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_smart2	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4004_tx\/dtx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4004_tx\/dtx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4004_tx\/dtx_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4004_tx\/dtx	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4000_tx\/tx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4000_tx\/tx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4000_tx\/tx-p_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4000_tx\/tx-p	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4000_tx\/tx-m_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4000_tx\/tx-m	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs4000_tx\/tx_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs4000_tx\/tx	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs2005_tx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs2005_tx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs2000_tx\/tx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs2000_tx\/tx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_rs2000_tx\/tx-b_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_rs2000_tx\/tx-b	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_pcie4000_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_pcie4000_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_pcie4000_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_pcie4000	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_pci4000_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_pci4000_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_pci4000_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_pci4000	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_gt\/gt_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_gt\/gt_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_gt\/gt_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_gt\/gt	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_delta_tx\/tx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_delta_tx\/tx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_delta_tx\/tx_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_delta_tx\/tx	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_core_tx_vpn_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_core_tx_vpn	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_core_tx_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_core_tx	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_centerport_vpn-1000_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_centerport_vpn-1000	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_4305_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_4305	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_4302_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_4302	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_4102_pcie_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_4102_pcie	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_4102_pci_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_4102_pci	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_2105_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_2105	-	/	/	/	/	/	/	/
o	phoenixcontact	fl_mguard_2102_firmware	/	/	/	/	/	/	/	/
h	phoenixcontact	fl_mguard_2102	-	/	/	/	/	/	/	/

References

https://cert.vde.com/en/advisories/VDE-2024-052

CVSS Score

5.3 / 10

CVSS Data

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW

View Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Date

Published: Sept. 10, 2024, 8:15 a.m.
Last Modified: Sept. 28, 2024, 11:56 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

info@cert.vde.com

CVE-2024-7734