Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12516 | 1 Wago | 20 750-331, 750-331 Firmware, 750-352 and 17 more | 2022-10-07 | 5.0 MEDIUM | 7.5 HIGH |
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. | |||||
CVE-2021-21000 | 1 Wago | 54 750-8202, 750-8202 Firmware, 750-8203 and 51 more | 2021-05-28 | 5.0 MEDIUM | 7.5 HIGH |
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime. | |||||
CVE-2021-21001 | 1 Wago | 54 750-8202, 750-8202 Firmware, 750-8203 and 51 more | 2021-05-28 | 4.0 MEDIUM | 6.5 MEDIUM |
On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. | |||||
CVE-2019-10712 | 1 Wago | 32 750-330, 750-330 Firmware, 750-352 and 29 more | 2020-10-01 | 7.5 HIGH | 9.8 CRITICAL |
The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. | |||||
CVE-2018-8836 | 1 Wago | 16 750-829, 750-829 Firmware, 750-831 and 13 more | 2019-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
Wago 750 Series PLCs with firmware version 10 and prior include a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection affecting the communications with commission and service tools. Specially crafted packets may also be sent to Port 2455/TCP/IP, used in Codesys management software, which may result in a denial-of-service condition of communications with commissioning and service tools. |