Share: Email | Twitter

ID

VDE-2022-054

Published

2023-01-12 08:52 (CET)

Last update

2023-01-12 08:54 (CET)

Vendor(s)

WAGO GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
750-81xx/xxx-xxx Series WAGO PFC100 FW16 <= FW22
750-82xx/xxx-xxx Series WAGO PFC200 FW16 <= FW22
762-5xxx Series WAGO Touch Panel 600 Advanced Line FW16 <= FW22
762-6xxx Series WAGO Touch Panel 600 Marine Line FW16 <= FW22
762-4xxx Series WAGO Touch Panel 600 Standard Line FW16 <= FW22
751-9301 WAGO Compact Controller CC100 FW16 <= FW22
752-8303/8000-002 WAGO Edge Controller FW16 <= FW22

Summary

A vulnerability in the web-based management (WBM) of WAGOs programmable logic controller (PLC) could allow an unauthenticated remote attacker to retrieve sensitive information.


Last Update:

19. Januar 2023 12:28

Weakness

Missing Authentication for Critical Function  (CWE-306) 

Summary

A vulnerability in multiple WAGO products allows a remote unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup with selected content after the last reboot for this attack to be successfull.


Impact

The vulnerability allows a remote, unauthenticated attacker to download a backup file, if one exists. That backup file might contain sensitive information like credentials and cryptographic material. A valid user has to create a backup after the last reboot for this attack to be successfull.

Solution

Install FW22 Patch 1 or higher

Reported by

Quentin Kaiser from ONEKEY Research Lab reported this vulnerability to WAGO.
CERT@VDE coordinated with WAGO.