CVE-2018-5441

Name: CVE-2018-5441
Creator: NVD / NIST
Published: 2018-01-30T20:29:00.457+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.29%

Last modified Jun 17, 2026

CVE-2018-5441 is a vulnerability of currently unknown severity. An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. EPSS estimates a 0.29% chance of exploitation in the next 30 days.

Description

An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages.

Metrics

EPSS Probability

0.29%

20.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Phoenixcontact	Mguard Centerport Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Delta Tx\/Tx Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Delta Tx\/Tx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Gt\/Gt Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Gt\/Gt Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Pci4000 Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Pcie4000 Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs2000 Tx\/Tx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs2000 Tx\/Tx-B Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs2005 Tx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 Tx\/Tx Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 Tx\/Tx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 Tx\/Tx Vpn-M Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 Tx\/Tx-P Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4004 Tx\/Dtx Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4004 Tx\/Dtx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Smart2 Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Smart2 Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs2000 3g Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 3g Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Core Tx Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs2000 4g Vpn Firmware	>= 7.2.0, <= 8.6.0
Phoenixcontact	Mguard Rs4000 4g Vpn Firmware	>= 7.2.0, <= 8.6.0

References

http://www.securityfocus.com/bid/102907Third Party Advisory, VDB Entry
https://cert.vde.com/en-us/advisories/vde-2018-001Patch, Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/102907Third Party Advisory, VDB Entry
https://cert.vde.com/en-us/advisories/vde-2018-001Patch, Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01Third Party Advisory, US Government Resource

Timeline

Published: Jan 30, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-5441?

How severe is CVE-2018-5441?

Severity scoring for CVE-2018-5441 is pending analysis. The EPSS model estimates a 0.29% probability of exploitation in the next 30 days.

How do I fix CVE-2018-5441?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-5441?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST