WAGO: DoS in multiple products in multiple versions using Codesys
CVE-2023-1620

4.9MEDIUM

Key Information:

Vendor: Wago
Status: 750-8202/xxx-xxx; 750-8203/xxx-xxx; 750-8204/xxx-xxx; 750-8206/xxx-xxx
Vendor: CVE Published:; 26 June 2023

Summary

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.

Affected Version(s)

750-331 FW1

750-332 FW1

750-8202/xxx-xxx FW1

References

https://cert.vde.com/en/advisories/VDE-2023-006/

vendor-advisory

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2023
Vulnerability Reserved
Mar 24, 2023

Credit

Daniel dos Santos from Forescout

Abdelrahman Hassanien from Forescout

.

CVE-2023-1620 : WAGO: DoS in multiple products in multiple versions using Codesys | SecurityVulnerability.io