Skip to main

Vulnerability in routers FL MGUARD and TC MGUARD

BOSCH-SA-982696

Advisory Information

  • Advisory ID: BOSCH-SA-982696
  • CVE Numbers and CVSS v3.1 Scores:
  • Published: 27 Apr 2022
  • Last Updated: 27 Apr 2022

Summary

The FL MGUARD and TC MGUARD safety devices sold by Bosch Rexroth are devices from Phoenix Contact that have been introduced as trade goods. A security advisory has been published by the manufacturer, which indicates that devices are affected by a possible infinite loop within an OpenSSL library method [1].

Parts No. Parts Shorttext PxC No. Article
R901351745
FL MGUARD RS4000 TX/&
2700634
FL MGUARD RS4000 TX/TX
R901352542
FL MGUARD RS4000 VPN&
2200515
FL MGUARD RS4000 TX/TX VPN
R901541498
TC MGUARD RS4000 4G &
2903586
TC MGUARD RS4000 4G VPN
R911173814
FL MGUARD RS4000 TX/&
2200515
FL MGUARD RS4000 TX/TX VPN
R911173815
TC MGUARD RS2000 3G &
2903441
TC MGUARD RS2000 3G VPN
R911173816
TC MGUARD RS4000 3G &
2903440
TC MGUARD RS4000 3G VPN
R911173817
FL MGUARD DELTA TX/T&
2700967
FL MGUARD DELTA TX/TX
R911173818
FL MGUARD SMART2 VPN
2700639
FL MGUARD SMART2 VPN
R913050362
FL MGUARD RS4004 TX/&
2701876
FL MGUARD RS4004 TX/DTX
R913051602
FL MGUARD RS4004 TX/&
2701877
FL MGUARD RS4004 TX/DTX VPN
R913056204
FL MGUARD RS2000 TX/&
2702139
FL MGUARD RS2000 TX/TX-B
R913058931
FL MGUARD RS2000 TX/&
2700642
FL MGUARD RS2000 TX/TX VPN
R913066122
TC MGUARD RS2000 4G &
2903588
TC MGUARD RS2000 4G VPN
R913073676
FL MGUARD RS4000 TX/&
1053403
FL MGUARD RS4000 TX/TX VPN/K1
R913073677
FL MGUARD SMART2 VPN&
1053405
FL MGUARD SMART2 VPN/K1
R913076699
FL MGUARD RS4000 TX/&
2700634
FL MGUARD RS4000 TX/TX

Affected Products

  • Rexroth FL MGUARD DELTA TX/T& (R911173817) <= 8.8.5
  • Rexroth FL MGUARD RS2000 TX/& (R913056204) <= 8.8.5
  • Rexroth FL MGUARD RS2000 TX/& (R913058931) <= 8.8.5
  • Rexroth FL MGUARD RS4000 TX/& (R901351745) <= 8.8.5
  • Rexroth FL MGUARD RS4000 TX/& (R911173814) <= 8.8.5
  • Rexroth FL MGUARD RS4000 TX/& (R913073676) <= 8.8.5
  • Rexroth FL MGUARD RS4000 TX/& (R913076699) <= 8.8.5
  • Rexroth FL MGUARD RS4000 VPN& (R901352542) <= 8.8.5
  • Rexroth FL MGUARD RS4004 TX/& (R913050362) <= 8.8.5
  • Rexroth FL MGUARD RS4004 TX/& (R913051602) <= 8.8.5
  • Rexroth FL MGUARD SMART2 VPN& (R911173818) <= 8.8.5
  • Rexroth FL MGUARD SMART2 VPN& (R913073677) <= 8.8.5
  • Rexroth TC MGUARD RS2000 3G & (R911173815) <= 8.8.5
  • Rexroth TC MGUARD RS2000 4G & (R913066122) <= 8.8.5
  • Rexroth TC MGUARD RS4000 3G & (R911173816) <= 8.8.5
  • Rexroth TC MGUARD RS4000 4G & (R901541498) <= 8.8.5

Solution and Mitigations

Update to the latest released versions

It is strongly recommended to update the firmware version of the affected devices. Please find further details on the security advisory of the supplier [1].

Vulnerability Details

CVE-2022-0778

CVE description: The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

Remarks

Security Update Information

With respect to Directive (EU) 2019/770 and Directive (EU) 2019/771 and their national transposition laws, please note:

It is your responsibility to download and/or install any security updates provided by us, for example to maintain product or data security. If you fail to install a security update provided to you within a reasonable period of time, we will not be liable for any product defect solely due to the absence of such security update.

Alternatively, we are entitled to directly download and/or install security updates regardless of your settings. In these cases, we will provide you with the relevant information, e.g. in this security advisory.

CVSS Scoring

Vulnerability classification has been performed using the CVSS v3.1 scoring system . The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.

Additional Resources

Please contact the Bosch PSIRT if you have feedback, comments, or additional information about this vulnerability at: psirt@bosch.com .

Revision History

  • 27 Apr 2022: Initial Publication