Vulnerability Details CVE-2023-3379
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.5%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2023-3379
-
cpe:2.3:h:wago:compact_controller_100:-
-
cpe:2.3:h:wago:edge_controller:-
-
cpe:2.3:h:wago:pfc100:-
-
cpe:2.3:h:wago:pfc200:-
-
cpe:2.3:h:wago:touch_panel_600_advanced:-
-
cpe:2.3:h:wago:touch_panel_600_marine:-
-
cpe:2.3:h:wago:touch_panel_600_standard:-
-
cpe:2.3:o:wago:compact_controller_100_firmware:19
-
cpe:2.3:o:wago:compact_controller_100_firmware:20
-
cpe:2.3:o:wago:compact_controller_100_firmware:22
-
cpe:2.3:o:wago:compact_controller_100_firmware:23
-
cpe:2.3:o:wago:compact_controller_100_firmware:25
-
cpe:2.3:o:wago:edge_controller_firmware:16
-
cpe:2.3:o:wago:edge_controller_firmware:18
-
cpe:2.3:o:wago:edge_controller_firmware:22
-
cpe:2.3:o:wago:edge_controller_firmware:25
-
cpe:2.3:o:wago:pfc100_firmware:-
-
cpe:2.3:o:wago:pfc100_firmware:03.00.39(12)
-
cpe:2.3:o:wago:pfc100_firmware:03.01.07(13)
-
cpe:2.3:o:wago:pfc100_firmware:16
-
cpe:2.3:o:wago:pfc100_firmware:20
-
cpe:2.3:o:wago:pfc100_firmware:22
-
cpe:2.3:o:wago:pfc200_firmware:-
-
cpe:2.3:o:wago:pfc200_firmware:03.00.39(12)
-
cpe:2.3:o:wago:pfc200_firmware:03.01.07(13)
-
cpe:2.3:o:wago:pfc200_firmware:03.02.02(14)
-
cpe:2.3:o:wago:pfc200_firmware:03.03.10(15)
-
cpe:2.3:o:wago:pfc200_firmware:16
-
cpe:2.3:o:wago:pfc200_firmware:20
-
cpe:2.3:o:wago:pfc200_firmware:22
-
cpe:2.3:o:wago:pfc200_firmware:23
-
cpe:2.3:o:wago:pfc200_firmware:24
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:-
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:10
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:16
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:23
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:24
-
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:25
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:-
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:10
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:16
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:22
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:23
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:24
-
cpe:2.3:o:wago:touch_panel_600_marine_firmware:25
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:-
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:10
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:16
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:22
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:23
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:24
-
cpe:2.3:o:wago:touch_panel_600_standard_firmware:25