Search

Find a vulnerability

Search criteria

    9 vulnerabilities found for 750-831/xxx-xxx by Wago

    VAR-202012-0100

    Vulnerability from variot - Updated: 2024-11-23 22:11

    Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. 750-88x and 750-352 The series is WAGO Provides PLC is. The product is exhausted (CWE-400) Service operation interruption due to (DoS) Vulnerability exists.Packets crafted by a remote third party HTTP(S) 80/443 Service operation interruption by receiving at the port (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-0100",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "750-880",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-881",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-885",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-352",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-829",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-352",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-829",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-881",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-885",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-889",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-852",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-852",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-831",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-831",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-882",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-880",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-889",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-882",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-331",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw10"
          },
          {
            "model": "750-331",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "wago",
            "version": "fw1"
          },
          {
            "model": "750-331/xxx-xxx",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-352",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-829",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-831/xxx-xxx",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-852",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-880/xxx-xxx",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-881",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-882",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-885",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          },
          {
            "model": "750-889",
            "scope": null,
            "trust": 0.8,
            "vendor": "wago",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:wago:750-331_xxx_xxx_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-352_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-829_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-831_xxx_xxx_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-852_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-880_xxx_xxx_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-881_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-882_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-885_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:wago:750-889_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          }
        ]
      },
      "cve": "CVE-2020-12516",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-12516",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-12516",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "IPA score",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-009454",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-12516",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "info@cert.vde.com",
                "id": "CVE-2020-12516",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "IPA",
                "id": "JVNDB-2020-009454",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202011-183",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. 750-88x and 750-352 The series is WAGO Provides PLC is. The product is exhausted (CWE-400) Service operation interruption due to (DoS) Vulnerability exists.Packets crafted by a remote third party HTTP(S) 80/443 Service operation interruption by receiving at the port (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT@VDE",
            "id": "VDE-2020-042",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-308-01",
            "trust": 2.4
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516",
            "trust": 2.4
          },
          {
            "db": "JVN",
            "id": "JVNVU99899290",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3794",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "id": "VAR-202012-0100",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.6507937
      },
      "last_update_date": "2024-11-23T22:11:14.923000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Download request",
            "trust": 0.8,
            "url": "https://www.wago.com/us/requestDownload?downloadFile=FWMedia_58_750-881"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-400",
            "trust": 1.8
          },
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
          },
          {
            "trust": 2.4,
            "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12516"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu99899290"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12516"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3794/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-11-06T02:44:01",
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "date": "2020-11-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "date": "2020-12-10T03:15:11.593000",
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-12-17T03:09:25",
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          },
          {
            "date": "2020-12-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          },
          {
            "date": "2024-11-21T04:59:50.853000",
            "db": "NVD",
            "id": "CVE-2020-12516"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WAGO Made of  750-88x and  750-352 Resource exhaustion vulnerability in series",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-009454"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202011-183"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2023-1620 (GCVE-0-2023-1620)

    Vulnerability from nvd – Published: 2023-06-26 06:19 – Updated: 2024-11-12 14:11
    VLAI
    Title
    WAGO: DoS in multiple products in multiple versions using Codesys
    Summary
    Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    Impacted products
    Vendor Product Version
    Wago 750-8202/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8203/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8204/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8206/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8207/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8208/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8210/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8211/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8212/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8213/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8214/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8216/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8217/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-823 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-332 Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-832/xxx-xxx Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-862 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-890/xxx-xxx Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-891 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-893 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-331 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-829 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-831/xxx-xxx Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-852 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-880/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-881 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-882 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-885/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-889 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Credits
    Daniel dos Santos from Forescout Abdelrahman Hassanien from Forescout
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.833Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1620",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:30:42.286955Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T14:11:36.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "750-8202/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8203/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8204/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8206/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8207/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8208/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8210/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8211/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8212/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8213/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8214/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8216/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8217/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-823",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-332",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-832/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-862",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-890/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-891",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-893",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-331",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-829",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-831/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-852",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-880/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-881",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-882",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-885/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-889",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Daniel dos Santos from Forescout"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abdelrahman Hassanien from Forescout"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime."
                }
              ],
              "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1288",
                  "description": "CWE-1288 Improper Validation of Consistency within Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T05:28:51.078Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-006",
            "defect": [
              "CERT@VDE#64417"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: DoS in multiple products in multiple versions using Codesys",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-1620",
        "datePublished": "2023-06-26T06:19:30.928Z",
        "dateReserved": "2023-03-24T10:12:26.426Z",
        "dateUpdated": "2024-11-12T14:11:36.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1619 (GCVE-0-2023-1619)

    Vulnerability from nvd – Published: 2023-06-26 06:18 – Updated: 2024-10-02 05:28
    VLAI
    Title
    WAGO: DoS in multiple versions of multiple products
    Summary
    Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
    CWE
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    Impacted products
    Vendor Product Version
    Wago 750-8202/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8203/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8204/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8206/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8207/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8208/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8210/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8211/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8212/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8213/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8214/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8216/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8217/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-823 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-332 Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-832/xxx-xxx Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-862 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-890/xxx-xxx Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-891 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-893 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-331 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-829 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-831/xxx-xxx Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-852 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-880/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-881 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-882 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-885/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-889 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Credits
    Daniel dos Santos from Forescout Abdelrahman Hassanien from Forescout
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "750-8202/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8203/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8204/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8206/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8207/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8208/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8210/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8211/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8212/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8213/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8214/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8216/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8217/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-823",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-332",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-832/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-862",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-890/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-891",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-893",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-331",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-829",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-831/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-852",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-880/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-881",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-882",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-885/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-889",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Daniel dos Santos from Forescout"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abdelrahman Hassanien from Forescout"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet."
                }
              ],
              "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1288",
                  "description": "CWE-1288 Improper Validation of Consistency within Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T05:28:23.250Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-006",
            "defect": [
              "CERT@VDE#64417"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: DoS in multiple versions of multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-1619",
        "datePublished": "2023-06-26T06:18:33.981Z",
        "dateReserved": "2023-03-24T10:12:25.218Z",
        "dateUpdated": "2024-10-02T05:28:23.250Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12516 (GCVE-0-2020-12516)

    Vulnerability from nvd – Published: 2020-12-10 03:04 – Updated: 2024-09-16 22:14
    VLAI
    Title
    WAGO: PLC families 750-88x and 750-352 prone to DoS attack
    Summary
    Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Date Public
    2020-12-09 00:00
    Credits
    These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "750-331/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-352",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-829",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-831/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-852",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-880/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-881",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-882",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-885",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-889",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
            }
          ],
          "datePublic": "2020-12-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-22T21:14:49.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update the device to the latest FW version."
            }
          ],
          "source": {
            "advisory": "VDE-2020-042",
            "defect": [
              "VDE-2020-042"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack",
          "workarounds": [
            {
              "lang": "en",
              "value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-12-09T09:00:00.000Z",
              "ID": "CVE-2020-12516",
              "STATE": "PUBLIC",
              "TITLE": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "750-331/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-352",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-829",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-831/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-852",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-880/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-881",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-882",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-885",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-889",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WAGO"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-400 Uncontrolled Resource Consumption"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-042",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update the device to the latest FW version."
              }
            ],
            "source": {
              "advisory": "VDE-2020-042",
              "defect": [
                "VDE-2020-042"
              ],
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12516",
        "datePublished": "2020-12-10T03:04:17.186Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:14:10.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12505 (GCVE-0-2020-12505)

    Vulnerability from nvd – Published: 2020-09-30 15:43 – Updated: 2024-09-16 18:08
    VLAI
    Title
    WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07
    Summary
    Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    WAGO 750-852 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-880/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-881 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-831/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-882 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-885/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-889 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    Date Public
    2020-09-29 00:00
    Credits
    Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO. coordinated by CERT@VDE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.075Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "750-852",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-880/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-881",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-831/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-882",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-885/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-889",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."
            },
            {
              "lang": "en",
              "value": "coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-09-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version \u003c= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:21:59.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade devices to the latest standard firmware (\u003e FW07)."
            }
          ],
          "source": {
            "advisory": "vde-2020-027",
            "defect": [
              "vde-2020-027"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version \u003c= FW07",
          "workarounds": [
            {
              "lang": "en",
              "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-09-29T22:00:00.000Z",
              "ID": "CVE-2020-12505",
              "STATE": "PUBLIC",
              "TITLE": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version \u003c= FW07"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "750-852",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-880/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-881",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-831/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-882",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-885/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-889",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WAGO"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."
              },
              {
                "lang": "eng",
                "value": "coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version \u003c= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306 Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-027",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade devices to the latest standard firmware (\u003e FW07)."
              }
            ],
            "source": {
              "advisory": "vde-2020-027",
              "defect": [
                "vde-2020-027"
              ],
              "discovery": "EXTERNAL"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12505",
        "datePublished": "2020-09-30T15:43:20.359Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:08:56.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1620 (GCVE-0-2023-1620)

    Vulnerability from cvelistv5 – Published: 2023-06-26 06:19 – Updated: 2024-11-12 14:11
    VLAI
    Title
    WAGO: DoS in multiple products in multiple versions using Codesys
    Summary
    Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    Impacted products
    Vendor Product Version
    Wago 750-8202/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8203/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8204/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8206/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8207/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8208/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8210/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8211/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8212/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8213/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8214/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8216/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8217/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-823 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-332 Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-832/xxx-xxx Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-862 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-890/xxx-xxx Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-891 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-893 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-331 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-829 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-831/xxx-xxx Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-852 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-880/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-881 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-882 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-885/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-889 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Credits
    Daniel dos Santos from Forescout Abdelrahman Hassanien from Forescout
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.833Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1620",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:30:42.286955Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T14:11:36.673Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "750-8202/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8203/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8204/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8206/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8207/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8208/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8210/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8211/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8212/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8213/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8214/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8216/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8217/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-823",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-332",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-832/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-862",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-890/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-891",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-893",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-331",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-829",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-831/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-852",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-880/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-881",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-882",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-885/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-889",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Daniel dos Santos from Forescout"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abdelrahman Hassanien from Forescout"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime."
                }
              ],
              "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1288",
                  "description": "CWE-1288 Improper Validation of Consistency within Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T05:28:51.078Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-006",
            "defect": [
              "CERT@VDE#64417"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: DoS in multiple products in multiple versions using Codesys",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-1620",
        "datePublished": "2023-06-26T06:19:30.928Z",
        "dateReserved": "2023-03-24T10:12:26.426Z",
        "dateUpdated": "2024-11-12T14:11:36.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1619 (GCVE-0-2023-1619)

    Vulnerability from cvelistv5 – Published: 2023-06-26 06:18 – Updated: 2024-10-02 05:28
    VLAI
    Title
    WAGO: DoS in multiple versions of multiple products
    Summary
    Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
    CWE
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    Impacted products
    Vendor Product Version
    Wago 750-8202/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8203/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8204/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8206/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8207/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8208/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8210/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8211/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8212/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8213/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8214/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8216/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-8217/xxx-xxx Affected: FW1 , ≤ FW22 SP1 (custom)
    Create a notification for this product.
    Wago 750-823 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-332 Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-832/xxx-xxx Affected: FW1 , ≤ FW6 (custom)
    Create a notification for this product.
    Wago 750-862 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-890/xxx-xxx Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-891 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-893 Affected: FW1 , ≤ FW10 (custom)
    Create a notification for this product.
    Wago 750-331 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-829 Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-831/xxx-xxx Affected: FW1 , ≤ FW14 (custom)
    Create a notification for this product.
    Wago 750-852 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-880/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-881 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-882 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-885/xxx-xxx Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Wago 750-889 Affected: FW1 , ≤ FW16 (custom)
    Create a notification for this product.
    Credits
    Daniel dos Santos from Forescout Abdelrahman Hassanien from Forescout
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "750-8202/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8203/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8204/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8206/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8207/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8208/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8210/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8211/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8212/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8213/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8214/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8216/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-8217/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW22 SP1",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-823",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-332",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-832/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW6",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-862",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-890/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-891",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-893",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW10",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-331",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-829",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-831/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW14",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-852",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-880/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-881",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-882",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-885/xxx-xxx",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "750-889",
              "vendor": "Wago",
              "versions": [
                {
                  "lessThanOrEqual": "FW16",
                  "status": "affected",
                  "version": "FW1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Daniel dos Santos from Forescout"
            },
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Abdelrahman Hassanien from Forescout"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet."
                }
              ],
              "value": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1288",
                  "description": "CWE-1288 Improper Validation of Consistency within Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T05:28:23.250Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2023-006/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-006",
            "defect": [
              "CERT@VDE#64417"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: DoS in multiple versions of multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-1619",
        "datePublished": "2023-06-26T06:18:33.981Z",
        "dateReserved": "2023-03-24T10:12:25.218Z",
        "dateUpdated": "2024-10-02T05:28:23.250Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12516 (GCVE-0-2020-12516)

    Vulnerability from cvelistv5 – Published: 2020-12-10 03:04 – Updated: 2024-09-16 22:14
    VLAI
    Title
    WAGO: PLC families 750-88x and 750-352 prone to DoS attack
    Summary
    Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    References
    Date Public
    2020-12-09 00:00
    Credits
    These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "750-331/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-352",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-829",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-831/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-852",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-880/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-881",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-882",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-885",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            },
            {
              "product": "750-889",
              "vendor": "WAGO",
              "versions": [
                {
                  "status": "affected",
                  "version": "FW1\u003c=FW10"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
            }
          ],
          "datePublic": "2020-12-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-22T21:14:49.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update the device to the latest FW version."
            }
          ],
          "source": {
            "advisory": "VDE-2020-042",
            "defect": [
              "VDE-2020-042"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack",
          "workarounds": [
            {
              "lang": "en",
              "value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-12-09T09:00:00.000Z",
              "ID": "CVE-2020-12516",
              "STATE": "PUBLIC",
              "TITLE": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "750-331/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-352",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-829",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-831/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-852",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-880/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-881",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-882",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-885",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-889",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FW1\u003c=FW10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WAGO"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-400 Uncontrolled Resource Consumption"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01",
                  "refsource": "MISC",
                  "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
                },
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-042",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update the device to the latest FW version."
              }
            ],
            "source": {
              "advisory": "VDE-2020-042",
              "defect": [
                "VDE-2020-042"
              ],
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12516",
        "datePublished": "2020-12-10T03:04:17.186Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:14:10.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-12505 (GCVE-0-2020-12505)

    Vulnerability from cvelistv5 – Published: 2020-09-30 15:43 – Updated: 2024-09-16 18:08
    VLAI
    Title
    WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07
    Summary
    Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    WAGO 750-852 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-880/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-881 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-831/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-882 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-885/xxx-xxx Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    WAGO 750-889 Affected: unspecified , ≤ FW07 (custom)
    Create a notification for this product.
    Date Public
    2020-09-29 00:00
    Credits
    Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO. coordinated by CERT@VDE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:56:52.075Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "750-852",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-880/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-881",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-831/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-882",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-885/xxx-xxx",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "750-889",
              "vendor": "WAGO",
              "versions": [
                {
                  "lessThanOrEqual": "FW07",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."
            },
            {
              "lang": "en",
              "value": "coordinated by CERT@VDE"
            }
          ],
          "datePublic": "2020-09-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version \u003c= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-10T11:21:59.000Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade devices to the latest standard firmware (\u003e FW07)."
            }
          ],
          "source": {
            "advisory": "vde-2020-027",
            "defect": [
              "vde-2020-027"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version \u003c= FW07",
          "workarounds": [
            {
              "lang": "en",
              "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "info@cert.vde.com",
              "DATE_PUBLIC": "2020-09-29T22:00:00.000Z",
              "ID": "CVE-2020-12505",
              "STATE": "PUBLIC",
              "TITLE": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version \u003c= FW07"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "750-852",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-880/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-881",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-831/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-882",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-885/xxx-xxx",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "750-889",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "FW07"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "WAGO"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."
              },
              {
                "lang": "eng",
                "value": "coordinated by CERT@VDE"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version \u003c= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-306 Missing Authentication for Critical Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cert.vde.com/en-us/advisories/vde-2020-027",
                  "refsource": "CONFIRM",
                  "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade devices to the latest standard firmware (\u003e FW07)."
              }
            ],
            "source": {
              "advisory": "vde-2020-027",
              "defect": [
                "vde-2020-027"
              ],
              "discovery": "EXTERNAL"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2020-12505",
        "datePublished": "2020-09-30T15:43:20.359Z",
        "dateReserved": "2020-04-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:08:56.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }