Advisories

Filter anzeigen filter

Hersteller

Bewertung

Für CVSS 2.0, 3.0 und 3.2

Kein CVE verfügbar

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2022-004

März 9, 2022, 8:00 vorm.

WAGO: Web-Based Management Cross-Site Scripting

The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) …

CVE-2022-22511

VDE-2022-002

Mai 22, 2025, 3:03 nachm.

WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro

A vulnerability is reported in WIBU-SYSTEMS Codemeter. WIBU-SYSTEMS Codemeter is installed by default during e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) installations. All currently existing e!COCKPIT installation bundles and WAGO-I/O-Pro (CODESYS 2.3) …

CVE-2021-41057

VDE-2021-060

Mai 22, 2025, 3:03 nachm.

WAGO: Smart Script affected by Log4Shell Vulnerability

Apache Log4j is used for logging events in WAGO Smart Script in Version 4.2 and higher. Events logged by Log4j can contain JNDI references. An attacker who can control log …

CVE-2021-44228

CVE-2021-45046

CVE-2021-44832

CVE-2021-45105

VDE-2021-049

Mai 22, 2025, 3:03 nachm.

WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3

A Denial-of-Service Vulnerability was reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC's. All vulnerable PLCs are listed in chapter 'Affected Products'.

CVE-2021-34593

VDE-2021-050

Nov. 16, 2021, 12:02 nachm.

WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack.

Multiple vulnerabilities were reported in the Nucleus Real-Time Operating System (RTOS). The Nucleus RTOS is an essential component in several WAGO PLCs and fieldbus coupler. WAGO uses older Versions of …

CVE-2021-31884

CVE-2021-31886

CVE-2021-31346

CVE-2021-31889

CVE-2021-31890

CVE-2021-31345

CVE-2021-31888

CVE-2021-31887

CVE-2021-31882

CVE-2021-31881

CVE-2021-31883

CVE-2021-31344

VDE-2021-043

Mai 14, 2025, 2:28 nachm.

WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro

Multiple vulnerabilities were reported in WIBU-SYSTEMS Codemeter. WIBU-SYSTEMS Codemeter is installed by default during e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) installations. All currently existing e!COCKPIT installation bundles and WAGO-I/O-Pro (CODESYS 2.3) …

CVE-2021-20093

CVE-2021-20094

VDE-2020-044

Mai 14, 2025, 3:00 nachm.

WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX

The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates. With special crafted requests it is possible to read and write some …

CVE-2021-34578

VDE-2021-038

Mai 14, 2025, 2:53 nachm.

WAGO: OpenSSL DoS Vulnerability in PLCs

WAGO controllers have always been designed for easy connection to IT infrastructure. Even controllers from legacy product lines support encryption standards to ensure secure communication. With special crafted requests it …

CVE-2021-34581