Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-12522

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.

Published

2020-12-17T23:15:13.200

Last Modified

2024-11-21T04:59:51.620

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 10.0 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-78
Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	wago	pfc_100_firmware	≤ 10	Yes
Hardware	wago	750-8101\/025-000	-	No
Hardware	wago	750-8102\/025-000	-	No
Operating System	wago	pfc_200_firmware	≤ 10	Yes
Hardware	wago	750-8202\/000-012	-	No
Hardware	wago	750-8202\/000-022	-	No
Hardware	wago	750-8202\/040-000	-	No
Hardware	wago	750-8202\/040-001	-	No
Hardware	wago	750-8206\/025-000	-	No
Hardware	wago	750-8206\/025-001	-	No
Hardware	wago	750-8206\/040-000	-	No
Hardware	wago	750-8206\/040-001	-	No
Hardware	wago	750-8207\/025-000	-	No
Hardware	wago	750-8207\/025-001	-	No
Hardware	wago	750-8208\/025-000	-	No
Hardware	wago	750-8208\/025-001	-	No
Hardware	wago	750-8210\/025-000	-	No
Hardware	wago	750-8210\/040-000	-	No
Hardware	wago	750-8211\/040-000	-	No
Hardware	wago	750-8211\/040-001	-	No
Hardware	wago	750-8212\/025-000	-	No
Hardware	wago	750-8212\/025-001	-	No
Hardware	wago	750-8212\/025-002	-	No
Hardware	wago	750-8212\/040-000	-	No
Hardware	wago	750-8212\/040-010	-	No
Hardware	wago	750-8213\/040-010	-	No
Hardware	wago	750-8216\/025-000	-	No
Hardware	wago	750-8216\/025-001	-	No
Hardware	wago	750-8217\/025-000	-	No
Operating System	wago	touch_panel_600_standard_firmware	≤ 10	Yes
Hardware	wago	762-4301\/8000-002	-	No
Hardware	wago	762-4302\/8000-002	-	No
Hardware	wago	762-4303\/8000-002	-	No
Hardware	wago	762-4304\/8000-002	-	No
Operating System	wago	touch_panel_600_advanced_firmware	≤ 10	Yes
Hardware	wago	762-5303\/8000-002	-	No
Hardware	wago	762-5304\/8000-002	-	No
Operating System	wago	touch_panel_600_marine_firmware	≤ 10	Yes
Hardware	wago	762-6201\/8000-001	-	No
Hardware	wago	762-6202\/8000-001	-	No
Hardware	wago	762-6203\/8000-001	-	No
Hardware	wago	762-6204\/8000-001	-	No

References

https://cert.vde.com/en-us/advisories/vde-2020-045 Third Party Advisory ([email protected])
https://cert.vde.com/en-us/advisories/vde-2020-045 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)