CVE-2019-18352
Description
Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices before V2.90 and FL NAT 2304-2GC-2SFP devices before V2.90 when using MAC-based port security.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper access control in PHOENIX CONTACT FL NAT devices before V2.90 allows bypass of MAC-based port security.
Vulnerability
Improper access control exists in PHOENIX CONTACT FL NAT 2208 devices before firmware version V2.90 and FL NAT 2304-2GC-2SFP devices before firmware version V2.90 when MAC-based port security is enabled. The flaw allows an attacker to bypass the intended access restrictions.
Exploitation
An attacker with network access to the affected device can exploit the improper access control to circumvent the MAC-based port security mechanism. No authentication or user interaction is required beyond network connectivity.
Impact
Successful exploitation enables an attacker to gain unauthorized network access to the device or the protected network segment, potentially leading to information disclosure or further compromise of the network.
Mitigation
Update the firmware to version V2.90 or later, which contains the fix for this vulnerability. No workarounds have been disclosed.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- PHOENIX CONTACT/FL NAT 2208 devicesdescription
- Range: < V2.90
- Range: < V2.90
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- cert.vde.com/de-de/advisories/vde-2019-020mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.