← back
CVE-2021-34598

Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality

CVSS 7.5 HIGHEPSS 0.9%CWE-401
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
10 Nov 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
PHOENIX CONTACT · FL MGUARD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert.vde.com/en/advisories/VDE-2021-046/