Improper Input Validation in WAGO e!COCKPIT Automation Software
CVE-2019-5159
What is CVE-2019-5159?
An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software version 1.6.0.7. This vulnerability allows an attacker to leverage a specially crafted firmware update file to write arbitrary files to arbitrary locations on WAGO controllers during the update process. This could potentially lead to code execution if an attacker creates a malicious firmware update package and the user unwittingly selects this package when initiating a firmware update through the e!COCKPIT interface.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
WAGO e!COCKPIT 1.6.0.7
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved
