CVE-2020-12522

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
References
Link Resource
https://cert.vde.com/en-us/advisories/vde-2020-045 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:wago:pfc_100_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:wago:750-8101\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8102\/025-000:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:wago:pfc_200_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:wago:750-8202\/000-012:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8202\/000-022:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8202\/040-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8202\/040-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206\/025-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206\/040-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8206\/040-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8207\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8207\/025-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8208\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8208\/025-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8210\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8210\/040-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8211\/040-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8211\/040-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212\/040-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212\/025-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212\/025-002:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8212\/040-010:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8213\/040-010:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8216\/025-000:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8216\/025-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-8217\/025-000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:wago:touch_panel_600_standard_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:wago:762-4301\/8000-002:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-4302\/8000-002:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-4303\/8000-002:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-4304\/8000-002:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:wago:touch_panel_600_advanced_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:wago:762-5303\/8000-002:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-5304\/8000-002:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:wago:touch_panel_600_marine_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:wago:762-6201\/8000-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-6202\/8000-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-6203\/8000-001:-:*:*:*:*:*:*:*
cpe:2.3:h:wago:762-6204\/8000-001:-:*:*:*:*:*:*:*

Information

Published : 2020-12-17 15:15

Updated : 2020-12-23 07:45


NVD link : CVE-2020-12522

Mitre link : CVE-2020-12522


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

wago

  • 750-8212\/040-000
  • 762-6202\/8000-001
  • pfc_100_firmware
  • 750-8206\/025-000
  • 750-8202\/040-000
  • 750-8207\/025-000
  • 750-8102\/025-000
  • 750-8202\/040-001
  • 750-8212\/040-010
  • 750-8216\/025-001
  • touch_panel_600_advanced_firmware
  • 750-8206\/025-001
  • 750-8210\/025-000
  • 750-8202\/000-022
  • 750-8212\/025-001
  • 750-8206\/040-001
  • touch_panel_600_marine_firmware
  • 750-8208\/025-001
  • 750-8211\/040-000
  • 750-8212\/025-002
  • 750-8208\/025-000
  • 762-4302\/8000-002
  • 750-8211\/040-001
  • 750-8206\/040-000
  • 762-5303\/8000-002
  • 750-8213\/040-010
  • 750-8216\/025-000
  • 762-5304\/8000-002
  • 762-4301\/8000-002
  • pfc_200_firmware
  • 762-6201\/8000-001
  • 762-6203\/8000-001
  • 750-8217\/025-000
  • 762-6204\/8000-001
  • 762-4303\/8000-002
  • 750-8212\/025-000
  • touch_panel_600_standard_firmware
  • 762-4304\/8000-002
  • 750-8101\/025-000
  • 750-8207\/025-001
  • 750-8202\/000-012
  • 750-8210\/040-000