CVE-2024-43384
Analyzed Analyzed - Analysis Complete
Root Password Exposure in Firmware via Information Leak

Publication date: 2026-05-07

Last updated on: 2026-05-11

Assigner: CERT VDE

Description
A low privileged remote attacker can gainΒ the root password due to improper removal of sensitive information before storage or transfer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-11
Generated
2026-06-16
AI Q&A
2026-05-07
EPSS Evaluated
2026-06-15
NVD
CVE-2024-43384
EUVD
EUVD-2024-55567
Affected Vendors & Products
Showing 37 associated CPEs
Vendor Product Version / Range
phoenixcontact fl_mguard_2102_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_2105_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_4102_pci_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_4102_pcie_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_4302_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_4305_firmware to 10.4.1 (exc)
phoenixcontact fl_mguard_centerport_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_centerport_vpn-1000_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_core_tx_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_core_tx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_delta_tx/tx_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_delta_tx/tx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_gt/gt_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_gt/gt_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_pci4000_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_pci4000_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_pcie4000_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_pcie4000_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs2000_tx/tx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs2000_tx/tx-b_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs2005_tx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4000_tx/tx_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4000_tx/tx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4000_tx/tx-m_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4000_tx/tx-p_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4004_tx/dtx_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_rs4004_tx/dtx_vpn_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_smart2_firmware to 8.9.3 (exc)
phoenixcontact fl_mguard_smart2_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs2000_3g_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs2000_4g_att_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs2000_4g_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs2000_4g_vzw_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs4000_3g_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs4000_4g_att_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs4000_4g_vpn_firmware to 8.9.3 (exc)
phoenixcontact tc_mguard_rs4000_4g_vzw_vpn_firmware to 8.9.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-212 The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2024-43384 is a vulnerability in Phoenix Contact mGuard devices where a low-privileged remote attacker can obtain the root password. This happens because sensitive information is not properly removed before it is stored or transferred, allowing unauthorized access to critical credentials.

Impact Analysis

This vulnerability can have a severe impact as it allows a low-privileged remote attacker to gain root access to affected devices. With root access, the attacker can fully control the device, potentially leading to data breaches, disruption of services, and unauthorized changes to system configurations.

Mitigation Strategies

To mitigate this vulnerability, you should update the firmware of affected Phoenix Contact mGuard devices to the fixed versions.

  • Upgrade to firmware version 8.9.3 or later for applicable models.
  • Upgrade to firmware version 10.4.1 or later for other applicable models.

These updates address the improper removal of sensitive information that allows a low-privileged remote attacker to obtain the root password.

Compliance Impact

This vulnerability allows a low privileged remote attacker to gain the root password due to improper removal of sensitive information before storage or transfer. Such unauthorized access to sensitive credentials can lead to data breaches and unauthorized system control.

Consequently, this can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive information and proper access controls to prevent unauthorized disclosure or access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-43384. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart