2023-06-26
|
CVE-2023-1620
|
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
|
750\-331_firmware, 750\-8202\/000\-011_firmware, 750\-8202\/000\-012_firmware, 750\-8202\/000\-022_firmware, 750\-8202\/025\-000_firmware, 750\-8202\/025\-001_firmware, 750\-8202\/025\-002_firmware, 750\-8202\/040\-000_firmware, 750\-8202\/040\-001_firmware, 750\-8202_firmware, 750\-8203\/025\-000_firmware, 750\-8203_firmware, 750\-8204\/025\-000_firmware, 750\-8204_firmware, 750\-8206\/025\-000_firmware, 750\-8206\/025\-001_firmware, 750\-8206\/040\-000_firmware, 750\-8206\/040\-001_firmware, 750\-8206_firmware, 750\-8207\/025\-000_firmware, 750\-8207\/025\-001_firmware, 750\-8207_firmware, 750\-8208\/025\-000_firmware, 750\-8208\/025\-001_firmware, 750\-8208_firmware, 750\-8210\/025\-000_firmware, 750\-8210\/040\-000_firmware, 750\-8210_firmware, 750\-8211\/040\-000_firmware, 750\-8211\/040\-001_firmware, 750\-8211_firmware, 750\-8212\/000\-100_firmware, 750\-8212\/025\-000_firmware, 750\-8212\/025\-001_firmware, 750\-8212\/025\-002_firmware, 750\-8212\/040\-000_firmware, 750\-8212\/040\-001_firmware, 750\-8212\/040\-010_firmware, 750\-8212_firmware, 750\-8213\/040\-010_firmware, 750\-8213_firmware, 750\-8214_firmware, 750\-8215_firmware, 750\-8216\/025\-000_firmware, 750\-8216\/025\-001_firmware, 750\-8216\/040\-000_firmware, 750\-8216_firmware, 750\-8217\/025\-000_firmware, 750\-8217\/600\-000_firmware, 750\-8217\/625\-000_firmware, 750\-8217_firmware, 750\-823_firmware, 750\-829_firmware, 750\-831\/000\-002_firmware, 750\-831_firmware, 750\-832\/000\-002_firmware, 750\-832_firmware, 750\-852_firmware, 750\-862_firmware, 750\-880\/025\-000_firmware, 750\-880\/025\-001_firmware, 750\-880\/025\-002_firmware, 750\-880\/040\-000_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885\/025\-000_firmware, 750\-885_firmware, 750\-889_firmware, 750\-890\/025\-000_firmware, 750\-890\/025\-001_firmware, 750\-890\/025\-002_firmware, 750\-890\/040\-000_firmware, 750\-890_firmware, 750\-891_firmware, 750\-893_firmware
|
4.9
|
|
|
2023-06-26
|
CVE-2023-1619
|
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
|
750\-331_firmware, 750\-8202\/000\-011_firmware, 750\-8202\/000\-012_firmware, 750\-8202\/000\-022_firmware, 750\-8202\/025\-000_firmware, 750\-8202\/025\-001_firmware, 750\-8202\/025\-002_firmware, 750\-8202\/040\-000_firmware, 750\-8202\/040\-001_firmware, 750\-8202_firmware, 750\-8203\/025\-000_firmware, 750\-8203_firmware, 750\-8204\/025\-000_firmware, 750\-8204_firmware, 750\-8206\/025\-000_firmware, 750\-8206\/025\-001_firmware, 750\-8206\/040\-000_firmware, 750\-8206\/040\-001_firmware, 750\-8206_firmware, 750\-8207\/025\-000_firmware, 750\-8207\/025\-001_firmware, 750\-8207_firmware, 750\-8208\/025\-000_firmware, 750\-8208\/025\-001_firmware, 750\-8208_firmware, 750\-8210\/025\-000_firmware, 750\-8210\/040\-000_firmware, 750\-8210_firmware, 750\-8211\/040\-000_firmware, 750\-8211\/040\-001_firmware, 750\-8211_firmware, 750\-8212\/000\-100_firmware, 750\-8212\/025\-000_firmware, 750\-8212\/025\-001_firmware, 750\-8212\/025\-002_firmware, 750\-8212\/040\-000_firmware, 750\-8212\/040\-001_firmware, 750\-8212\/040\-010_firmware, 750\-8212_firmware, 750\-8213\/040\-010_firmware, 750\-8213_firmware, 750\-8214_firmware, 750\-8215_firmware, 750\-8216\/025\-000_firmware, 750\-8216\/025\-001_firmware, 750\-8216\/040\-000_firmware, 750\-8216_firmware, 750\-8217\/025\-000_firmware, 750\-8217\/600\-000_firmware, 750\-8217\/625\-000_firmware, 750\-8217_firmware, 750\-823_firmware, 750\-829_firmware, 750\-831\/000\-002_firmware, 750\-831_firmware, 750\-832\/000\-002_firmware, 750\-832_firmware, 750\-852_firmware, 750\-862_firmware, 750\-880\/025\-000_firmware, 750\-880\/025\-001_firmware, 750\-880\/025\-002_firmware, 750\-880\/040\-000_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885\/025\-000_firmware, 750\-885_firmware, 750\-889_firmware, 750\-890\/025\-000_firmware, 750\-890\/025\-001_firmware, 750\-890\/025\-002_firmware, 750\-890\/040\-000_firmware, 750\-890_firmware, 750\-891_firmware, 750\-893_firmware
|
4.9
|
|
|
2019-05-07
|
CVE-2019-10712
|
The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.
|
750\-330_firmware, 750\-352_firmware, 750\-829_firmware, 750\-830_firmware, 750\-831_firmware, 750\-849_firmware, 750\-852_firmware, 750\-871_firmware, 750\-872_firmware, 750\-873_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-884_firmware, 750\-885_firmware, 750\-889_firmware
|
9.8
|
|
|
2020-12-10
|
CVE-2020-12516
|
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
|
750\-331_firmware, 750\-352_firmware, 750\-829_firmware, 750\-831_firmware, 750\-852_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885_firmware, 750\-889_firmware
|
7.5
|
|
|
2020-09-30
|
CVE-2020-12505
|
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below.
|
750\-831_firmware, 750\-852_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885_firmware, 750\-889_firmware
|
9.1
|
|
|
2021-05-24
|
CVE-2021-21000
|
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.
|
750\-8202_firmware, 750\-8203_firmware, 750\-8204_firmware, 750\-8206_firmware, 750\-8207_firmware, 750\-8208_firmware, 750\-8210_firmware, 750\-8211_firmware, 750\-8212_firmware, 750\-8213_firmware, 750\-8214_firmware, 750\-8216_firmware, 750\-8217_firmware, 750\-823_firmware, 750\-829_firmware, 750\-831_firmware, 750\-832_firmware, 750\-852_firmware, 750\-862_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885_firmware, 750\-889_firmware, 750\-890_firmware, 750\-891_firmware, 750\-893_firmware
|
7.5
|
|
|
2021-05-24
|
CVE-2021-21001
|
On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.
|
750\-8202_firmware, 750\-8203_firmware, 750\-8204_firmware, 750\-8206_firmware, 750\-8207_firmware, 750\-8208_firmware, 750\-8210_firmware, 750\-8211_firmware, 750\-8212_firmware, 750\-8213_firmware, 750\-8214_firmware, 750\-8216_firmware, 750\-8217_firmware, 750\-823_firmware, 750\-829_firmware, 750\-831_firmware, 750\-832_firmware, 750\-852_firmware, 750\-862_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885_firmware, 750\-889_firmware, 750\-890_firmware, 750\-891_firmware, 750\-893_firmware
|
6.5
|
|
|
2018-04-03
|
CVE-2018-8836
|
Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools.
|
750\-829_firmware, 750\-831_firmware, 750\-852_firmware, 750\-880_firmware, 750\-881_firmware, 750\-882_firmware, 750\-885_firmware, 750\-889_firmware
|
5.3
|
|
|