Improper Sensitive Information Management in Product by Vendor
CVE-2024-43384

8HIGH

Key Information:

Vendor: Phoenix Contact
Status: Fl Mguard 2102; Fl Mguard 2105; Fl Mguard 4102 Pci; Fl Mguard 4102 Pcie
Vendor: CVE Published:; 7 May 2026

🔔 Create Phoenix Contact Vulnerability Alert

What is CVE-2024-43384?

A vulnerability exists that allows a low privileged remote attacker to gain unauthorized access to the root password due to the improper removal of sensitive information prior to its storage or transfer. This security flaw can potentially lead to serious breaches if exploited, as attackers can manipulate how sensitive data is handled, compromising the integrity and security of the affected system.

Affected Version(s)

FL MGUARD 2102 0 < 10.4.1

FL MGUARD 2105 0 < 10.4.1

FL MGUARD 4102 PCI 0 < 10.4.1

References

https://certvde.com/en/advisories/VDE-2024-039

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2026
Vulnerability Reserved
Aug 12, 2024

Credit

Andrea Palanca

Nozomi Networks Security Research Team

CVE-2024-43384 Data

JSON