CVE-2020-12505 - OpenCVE

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Wago	750-889 750-831 750-880 750-881 Firmware 750-881 750-882 Firmware 750-852 Firmware 750-885 Firmware 750-882 750-880 Firmware 750-889 Firmware 750-852 750-831 Firmware 750-885

Configuration 1 [-]

AND

cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert.vde.com/en-us/advisories/vde-2020-027	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2020-09-29T00:00:00

Updated: 2021-11-10T11:21:59

Reserved: 2020-04-30T00:00:00

Link: CVE-2020-12505

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-09-30T16:15:12.670

Modified: 2021-11-17T13:37:19.133

Link: CVE-2020-12505

JSON object: View

Redhat Information

No data.

CWE

CWE-306

{"containers": {"cna": {"affected": [{"product": "750-852", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-880/xxx-xxx", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-881", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-831/xxx-xxx", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-882", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-885/xxx-xxx", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "750-889", "vendor": "WAGO", "versions": [{"lessThanOrEqual": "FW07", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."}, {"lang": "en", "value": "coordinated by CERT@VDE"}], "datePublic": "2020-09-29T00:00:00", "descriptions": [{"lang": "en", "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-10T11:21:59", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"}], "solutions": [{"lang": "en", "value": "Upgrade devices to the latest standard firmware (> FW07)."}], "source": {"advisory": "vde-2020-027", "defect": ["vde-2020-027"], "discovery": "EXTERNAL"}, "title": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07", "workarounds": [{"lang": "en", "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2020-09-29T22:00:00.000Z", "ID": "CVE-2020-12505", "STATE": "PUBLIC", "TITLE": "WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "750-852", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-880/xxx-xxx", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-881", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-831/xxx-xxx", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-882", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-885/xxx-xxx", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}, {"product_name": "750-889", "version": {"version_data": [{"version_affected": "<=", "version_value": "FW07"}]}}]}, "vendor_name": "WAGO"}]}}, "credit": [{"lang": "eng", "value": "Maxim Rupp (https://rupp.it) reported this vulnerability to WAGO."}, {"lang": "eng", "value": "coordinated by CERT@VDE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-306 Missing Authentication for Critical Function"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en-us/advisories/vde-2020-027", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"}]}, "solution": [{"lang": "en", "value": "Upgrade devices to the latest standard firmware (> FW07)."}], "source": {"advisory": "vde-2020-027", "defect": ["vde-2020-027"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "Restrict network access to the device.\nDo not directly connect the device to the internet.\nDisable unused TCP/UDP ports.\nDisable web-based management ports 80/443 after the configuration phase"}]}}}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2020-12505", "datePublished": "2020-09-29T00:00:00", "dateReserved": "2020-04-30T00:00:00", "dateUpdated": "2021-11-10T11:21:59", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED404720-0042-42AB-9125-4CDF2D02D44E", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D6739E1-EF0B-48EE-90FC-5708756FC362", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEB9FB33-B34B-4904-A9E5-795BBAC5EAEF", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFEAC4D9-15CF-44B8-844D-C012AA4637A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "987FDB58-A501-4F70-B7F1-0F3E0845EFD7", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FE51647-62C1-4D3C-91FA-13ACA6CD71D2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C33ED3A-C5D8-4276-B896-665642A6BD51", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0631884-FF6F-4AA9-9D76-CDECB5A738FC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F46D5249-6418-4FF9-B980-85BB6211D939", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1379D65-F376-4618-B708-5E59D64C8033", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7521A675-86D6-4EEA-8D26-E8702CA426B3", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*", "matchCriteriaId": "7712F56E-AEBA-4DE0-9172-26F3D29B369B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "10BC697F-D2B2-4D95-A67C-87E4499919EE", "versionEndIncluding": "fw07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*", "matchCriteriaId": "57919AAB-2962-4543-810A-C143300351F8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 in versions FW07 and below."}, {"lang": "es", "value": "La vulnerabilidad de autenticaci\u00f3n inadecuada en la serie WAGO 750-8XX con versi\u00f3n FW anteriores o iguales a FW07 permite a un atacante cambiar algunos par\u00e1metros especiales sin autenticaci\u00f3n. Este problema afecta a: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO 750-889 en versiones FW07 y anteriores"}], "id": "CVE-2020-12505", "lastModified": "2021-11-17T13:37:19.133", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "info@cert.vde.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2020-09-30T16:15:12.670", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en-us/advisories/vde-2020-027"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "info@cert.vde.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Secondary"}]}