Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5188

The MMS Interpreter of WagoAppRTU in versions below 1.4.6.0 which is used by the WAGO Telecontrol Configurator is vulnerable to malformed packets. An remote unauthenticated attacker could send specifically crafted packets that lead to a denial-of-service condition until restart of the affected device.

Published

2023-12-05T08:15:07.690

Last Modified

2024-11-21T08:41:15.940

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wago	telecontrol_configurator	*	Yes
Application	wago	wagoapprtu	< 1.4.6.0	Yes

References

https://cert.vde.com/en/advisories/VDE-2023-044/ Third Party Advisory ([email protected])
https://cert.vde.com/en/advisories/VDE-2023-044/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)