The Library WagoAppRTU which is part of the Wago Telecontrol Configurator is prone to improper input validation. By sending specifically crafted MMS packets an attacker can trigger a denial-of-service condition.
An attacker with privileges can enumerate projects and usernames through an iterative process, by making a request to a specific endpoint.
Several CODESYS setups contain and install vulnerable versions of the WIBU CodeMeter Runtime.
A vulnerability in the Wibu CodeMeter Runtime, which is part of the installation packages of
several Festo products, was found. This could lead to remote code execution and escalation of
privileges giving full admin access on the host system.
Update A, 2023-12-05
A heap-based buffer overflow caused by libcurl and wrong whitespace character interpretation
in Javascript, both used in CodeMeter Runtime affecting multiple products by PHOENIX CONTACT.
Affected products are vulnerable to remote code execution via command injection in the web-based management by an attacker.
There is a misconfiguration of access rights to a configuration tool of the web-based-management for a specific user, which allows to reset passwords of other users (except root). This allows an authenticated attacker to elevate his privileges.