Wago: >> 762-4205/8000-002 Firmware Security Vulnerabilities
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-26
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
CVSS Score
8.2
EPSS Score
0.008
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
CVSS Score
9.1
EPSS Score
0.002
Published
2022-11-09
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-03-09