CVE-2024-43389

8.1 HIGH

📋 TL;DR

A low-privileged remote attacker can modify OSPF service configuration through environment variables OSPF_INTERFACE.SIMPLE_KEY and OSPF_INTERFACE.DIGEST_KEY, potentially causing denial of service. This affects systems running vulnerable OSPF implementations where these variables are improperly secured.

💻 Affected Systems

Products:
  • OSPF implementations using vulnerable environment variable handling
Versions: Specific versions not detailed in reference; check vendor advisory for affected versions.
Operating Systems: Linux-based systems primarily, potentially others depending on implementation
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists when OSPF service allows configuration changes via these environment variables without proper validation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete network disruption through OSPF route poisoning, causing widespread DoS across routing infrastructure.

🟠 Likely Case

Localized network instability or service disruption affecting OSPF routing tables.

🟢 If Mitigated

Minimal impact if proper access controls and environment variable restrictions are enforced.

🌐 Internet-Facing: MEDIUM - Requires OSPF exposure to untrusted networks, which is less common in internet-facing configurations.
🏢 Internal Only: HIGH - Internal attackers with low privileges can disrupt critical routing infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires low-privileged access to modify environment variables, making it straightforward for authenticated attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor-specific updates; reference VDE-2024-039 advisory for details.

Vendor Advisory: https://cert.vde.com/en/advisories/VDE-2024-039

Restart Required: Yes

Instructions:

1. Review VDE advisory for affected products.
2. Apply vendor-provided patches.
3. Restart OSPF services.
4. Verify environment variable restrictions are enforced.

🔧 Temporary Workarounds

Restrict Environment Variable Access

linux

Limit ability to set OSPF_INTERFACE.SIMPLE_KEY and OSPF_INTERFACE.DIGEST_KEY environment variables to privileged users only.

export OSPF_INTERFACE_SIMPLE_KEY=""
export OSPF_INTERFACE_DIGEST_KEY=""
chmod 600 /etc/environment

Network Segmentation

all

Isolate OSPF services from untrusted networks and low-privileged user access.

🧯 If You Can't Patch

  • Implement strict access controls to prevent low-privileged users from modifying OSPF configuration or environment variables.
  • Monitor and alert on unauthorized changes to OSPF configuration files or environment variables.

🔍 How to Verify

Check if Vulnerable:

Check whether the OSPF_INTERFACE.SIMPLE_KEY or OSPF_INTERFACE.DIGEST_KEY environment variables are writable by low-privileged users: run `env | grep OSPF_INTERFACE` and review permissions.

Check Version:

Check OSPF implementation version via vendor-specific commands; e.g., `ospfd -v` or consult vendor documentation.

Verify Fix Applied:

Verify environment variables cannot be modified by non-privileged users and OSPF service runs with restricted privileges.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized OSPF configuration changes
  • Failed authentication attempts to modify OSPF settings
  • Unexpected OSPF route advertisements

Network Indicators:

  • Abnormal OSPF packet floods
  • Unexpected routing table changes
  • OSPF neighbor state fluctuations

SIEM Query:

source="ospf.log" AND (event="config_change" OR event="auth_failure")
