WAGO: PLC families 750-88x and 750-352 prone to DoS attack
CVE-2020-12516

7.5HIGH

Key Information:

Vendor: Wago
Status: 750-331/xxx-xxx; 750-352; 750-829; 750-831/xxx-xxx
Vendor: CVE Published:; 10 December 2020

Summary

Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.

Affected Version(s)

750-331/xxx-xxx FW1<=FW10

750-352 FW1<=FW10

750-829 FW1<=FW10

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01

x_refsource_MISC

https://cert.vde.com/en-us/advisories/vde-2020-042

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 10, 2020
Vulnerability Reserved
Apr 30, 2020

Credit

These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE.

.

CVE-2020-12516 : WAGO: PLC families 750-88x and 750-352 prone to DoS attack | SecurityVulnerability.io