Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Wago
  • 750-889
  • 750-831
  • 750-885 Firmware
  • 750-882
  • 750-331
  • 750-889 Firmware
  • 750-829 Firmware
  • 750-880 Firmware
  • 750-852
  • 750-331 Firmware
  • 750-880
  • 750-881 Firmware
  • 750-881
  • 750-852 Firmware
  • 750-829
  • 750-831 Firmware
  • 750-352 Firmware
  • 750-882 Firmware
  • 750-352
  • 750-885

Configuration 1 [-]

AND
cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:wago:750-331_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-331:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*
References
Link Resource
https://cert.vde.com/en-us/advisories/vde-2020-042 Patch Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01 Mitigation Third Party Advisory US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2020-12-09T00:00:00

Updated: 2020-12-22T21:14:49

Reserved: 2020-04-30T00:00:00

Link: CVE-2020-12516

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2020-12-10T03:15:11.593

Modified: 2022-10-08T03:26:07.057

Link: CVE-2020-12516

JSON object: View

cve-icon Redhat Information

No data.

CWE