Description
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
Published: 2026-05-07
Score: 8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A low privileged remote attacker can obtain the root password because sensitive information is not properly removed before being stored or transmitted.

Affected Systems

The vulnerability affects a broad range of Phoenix Contact MGUARD products, including the MGUARD 2102, 2105, 4102 PCI, 4102 PCIE, 4302, 4305, CENTERPORT VPN-1000, CORE TX, CORE TX VPN DELTA TX/TX, DELTA TX/TX VPN, GT/GT, GT/GT VPN, PCI4000, PCI4000 VPN, PCIE4000, PCIE4000 VPN, RS2000 TX/TX VPN, RS2000 TX/TX-B, RS2005 TX VPN, RS4000 TX/TX, RS4000 TX/TX VPN, RS4000 TX/TX-M, RS4000 TX/TX-P, RS4004 TX/DTX, RS4004 TX/DTX VPN, SMART2, SMART2 VPN, as well as the TC variants of RS2000 and RS4000 in 3G/4G configurations.

Risk and Exploitability

With a CVSS score of 8 the vulnerability is considered high impact. An EPSS score is not available, and the vulnerability is not listed in CISA KEV, but devices exposed to remote networks can be targeted by attackers who only need low privileges. The likely attack vector is network-based, relying on the device’s remote management or storage interfaces, which allows a low privileged remote attacker to obtain the root password through the improper handling of sensitive information.

Generated by OpenCVE AI on May 7, 2026 at 12:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-published firmware or patch that addresses the improper removal of sensitive information on the affected MGUARD models.
  • Minimize the attack surface by disabling or restricting remote management interfaces that are not required; limit access to trusted IP ranges and implement network segmentation or firewall rules to isolate the devices.
  • Verify that configuration and storage files on the devices no longer contain residual or hard‑coded credentials; remove any such data and ensure proper sanitization procedures are followed.
  • Monitor the devices for unauthorized attempts to read or modify configuration files and consider deploying additional authentication controls if available.

Generated by OpenCVE AI on May 7, 2026 at 12:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 07 May 2026 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Phoenixcontact
Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Delta Tx/tx
Phoenixcontact fl Mguard Delta Tx/tx Vpn
Phoenixcontact fl Mguard Gt/gt
Phoenixcontact fl Mguard Gt/gt Vpn
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Rs2000 Tx/tx-b
Phoenixcontact fl Mguard Rs2000 Tx/tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx/tx
Phoenixcontact fl Mguard Rs4000 Tx/tx-m
Phoenixcontact fl Mguard Rs4000 Tx/tx-p
Phoenixcontact fl Mguard Rs4000 Tx/tx Vpn
Phoenixcontact fl Mguard Rs4004 Tx/dtx
Phoenixcontact fl Mguard Rs4004 Tx/dtx Vpn
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn
Vendors & Products Phoenixcontact
Phoenixcontact fl Mguard 2102
Phoenixcontact fl Mguard 2105
Phoenixcontact fl Mguard 4102 Pci
Phoenixcontact fl Mguard 4102 Pcie
Phoenixcontact fl Mguard 4302
Phoenixcontact fl Mguard 4305
Phoenixcontact fl Mguard Centerport Vpn-1000
Phoenixcontact fl Mguard Core Tx
Phoenixcontact fl Mguard Core Tx Vpn
Phoenixcontact fl Mguard Delta Tx/tx
Phoenixcontact fl Mguard Delta Tx/tx Vpn
Phoenixcontact fl Mguard Gt/gt
Phoenixcontact fl Mguard Gt/gt Vpn
Phoenixcontact fl Mguard Pci4000
Phoenixcontact fl Mguard Pci4000 Vpn
Phoenixcontact fl Mguard Pcie4000
Phoenixcontact fl Mguard Pcie4000 Vpn
Phoenixcontact fl Mguard Rs2000 Tx/tx-b
Phoenixcontact fl Mguard Rs2000 Tx/tx Vpn
Phoenixcontact fl Mguard Rs2005 Tx Vpn
Phoenixcontact fl Mguard Rs4000 Tx/tx
Phoenixcontact fl Mguard Rs4000 Tx/tx-m
Phoenixcontact fl Mguard Rs4000 Tx/tx-p
Phoenixcontact fl Mguard Rs4000 Tx/tx Vpn
Phoenixcontact fl Mguard Rs4004 Tx/dtx
Phoenixcontact fl Mguard Rs4004 Tx/dtx Vpn
Phoenixcontact fl Mguard Smart2
Phoenixcontact fl Mguard Smart2 Vpn
Phoenixcontact tc Mguard Rs2000 3g Vpn
Phoenixcontact tc Mguard Rs2000 4g Att Vpn
Phoenixcontact tc Mguard Rs2000 4g Vpn
Phoenixcontact tc Mguard Rs2000 4g Vzw Vpn
Phoenixcontact tc Mguard Rs4000 3g Vpn
Phoenixcontact tc Mguard Rs4000 4g Att Vpn
Phoenixcontact tc Mguard Rs4000 4g Vpn
Phoenixcontact tc Mguard Rs4000 4g Vzw Vpn

Thu, 07 May 2026 09:15:00 +0000

Type Values Removed Values Added
Description A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
Title Phoenix Contact: Improper removal of sensitive information in MGUARD products
Weaknesses CWE-212
References
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Phoenixcontact Fl Mguard 2102 Fl Mguard 2105 Fl Mguard 4102 Pci Fl Mguard 4102 Pcie Fl Mguard 4302 Fl Mguard 4305 Fl Mguard Centerport Vpn-1000 Fl Mguard Core Tx Fl Mguard Core Tx Vpn Fl Mguard Delta Tx/tx Fl Mguard Delta Tx/tx Vpn Fl Mguard Gt/gt Fl Mguard Gt/gt Vpn Fl Mguard Pci4000 Fl Mguard Pci4000 Vpn Fl Mguard Pcie4000 Fl Mguard Pcie4000 Vpn Fl Mguard Rs2000 Tx/tx-b Fl Mguard Rs2000 Tx/tx Vpn Fl Mguard Rs2005 Tx Vpn Fl Mguard Rs4000 Tx/tx Fl Mguard Rs4000 Tx/tx-m Fl Mguard Rs4000 Tx/tx-p Fl Mguard Rs4000 Tx/tx Vpn Fl Mguard Rs4004 Tx/dtx Fl Mguard Rs4004 Tx/dtx Vpn Fl Mguard Smart2 Fl Mguard Smart2 Vpn Tc Mguard Rs2000 3g Vpn Tc Mguard Rs2000 4g Att Vpn Tc Mguard Rs2000 4g Vpn Tc Mguard Rs2000 4g Vzw Vpn Tc Mguard Rs4000 3g Vpn Tc Mguard Rs4000 4g Att Vpn Tc Mguard Rs4000 4g Vpn Tc Mguard Rs4000 4g Vzw Vpn
cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published:

Updated: 2026-05-07T14:32:39.199Z

Reserved: 2024-08-12T08:30:16.359Z

Link: CVE-2024-43384

cve-icon Vulnrichment

Updated: 2026-05-07T14:32:35.778Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-07T09:16:24.873

Modified: 2026-05-07T14:53:48.473

Link: CVE-2024-43384

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T12:30:29Z

Weaknesses