Vulnerability Details CVE-2021-34578
This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-34578
-
cpe:2.3:h:wago:750-362:-
-
cpe:2.3:h:wago:750-363:-
-
cpe:2.3:h:wago:750-823:-
-
cpe:2.3:h:wago:750-832/000-002:-
-
cpe:2.3:h:wago:750-832:-
-
cpe:2.3:h:wago:750-862:-
-
cpe:2.3:h:wago:750-890/025-000:-
-
cpe:2.3:h:wago:750-890/025-001:-
-
cpe:2.3:h:wago:750-890/025-002:-
-
cpe:2.3:h:wago:750-890/040-000:-
-
cpe:2.3:h:wago:750-891:-
-
cpe:2.3:h:wago:750-893:-
-
cpe:2.3:o:wago:750-362_firmware:-
-
cpe:2.3:o:wago:750-362_firmware:fw03
-
cpe:2.3:o:wago:750-363_firmware:-
-
cpe:2.3:o:wago:750-363_firmware:fw03
-
cpe:2.3:o:wago:750-823_firmware:-
-
cpe:2.3:o:wago:750-823_firmware:fw03
-
cpe:2.3:o:wago:750-823_firmware:fw07
-
cpe:2.3:o:wago:750-832/000-002_firmware:-
-
cpe:2.3:o:wago:750-832_firmware:-
-
cpe:2.3:o:wago:750-832_firmware:fw03
-
cpe:2.3:o:wago:750-832_firmware:fw06
-
cpe:2.3:o:wago:750-862_firmware:-
-
cpe:2.3:o:wago:750-862_firmware:fw03
-
cpe:2.3:o:wago:750-862_firmware:fw07
-
cpe:2.3:o:wago:750-890/025-000_firmware:-
-
cpe:2.3:o:wago:750-890/025-001_firmware:-
-
cpe:2.3:o:wago:750-890/025-002_firmware:-
-
cpe:2.3:o:wago:750-890/040-000_firmware:-
-
cpe:2.3:o:wago:750-891_firmware:-
-
cpe:2.3:o:wago:750-891_firmware:fw03
-
cpe:2.3:o:wago:750-891_firmware:fw07
-
cpe:2.3:o:wago:750-893_firmware:-
-
cpe:2.3:o:wago:750-893_firmware:fw07