VDE-2021-049 | CERT@VDE

2021-11-16 12:05 (CET) VDE-2021-049

WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3

Share: Email | Twitter

ID

VDE-2021-049

Published

2021-11-16 12:05 (CET)

Last update

2021-11-16 12:05 (CET)

Vendor(s)

WAGO GmbH & Co. KG

Product(s)

Article No°	Product Name	Affected Version(s)
	750-8202/xxx-xxx	<= 03.07.14 (19)
	750-8203/xxx-xxx	<= 03.07.14 (19)
	750-8204/xxx-xxx	<= 03.07.14 (19)
	750-8206/xxx-xxx	<= 03.07.14 (19)
	750-8207/xxx-xxx	<= 03.07.14 (19)
	750-8208/xxx-xxx	<= 03.07.14 (19)
	750-8210/xxx-xxx	<= 03.07.14 (19)
	750-8211/xxx-xxx	<= 03.07.14 (19)
	750-8212/xxx-xxx	<= 03.07.14 (19)
	750-8213/xxx-xxx	<= 03.07.14 (19)
	750-8214/xxx-xxx	<= 03.07.14 (19)
	750-8216/xxx-xxx	<= 03.07.14 (19)
	750-8217/xxx-xxx	<= 03.07.14 (19)

Summary

A Denial-of-Service Vulnerability was reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC’s. All vulnerable PLCs are listed in chapter ‘Affected Products’.
https://www.codesys.com/security/security-reports.html

CVE ID

CVE-2021-34593

Last Update:

Nov. 15, 2021, 5:02 p.m.

Severity

7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Weakness

Improper Handling of Exceptional Conditions (CWE-755)

Summary

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.

Details

nvd.nist.gov

Impact

The reported vulnerabilities allow an attacker who has access to the device and is able to exploit the vulnerability, to manipulate and disrupt the CODESYS 2.3 Runtime of the device.

Solution

We recommend all affected users with CODESYS 2.3 Runtime PLCs to update to the firmware version listed below.

Article Number	Fixed in Version	Approx. Available
750-8202/xxx-xxx	>=FW20	January 2022
750-8203/xxx-xxx
750-8204/xxx-xxx
750-8206/xxx-xxx
750-8207/xxx-xxx
750-8208/xxx-xxx
750-8210/xxx-xxx
750-8211/xxx-xxx
750-8212/xxx-xxx
750-8213/xxx-xxx
750-8214/xxx-xxx
750-8216/xxx-xxx
750-8217/xxx-xxx

Mitigation

Use general security best practices to protect systems from local and network attacks.
Do not allow direct access to the device from untrusted networks.
Update to the latest firmware according to the table in chapter solutions.
Disable the CODESYS 2.3 port 2455.

For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html

Reported by

This vulnerability was reported by Steffen Robertz and Gerhard Hechenberger from SEC Consult Vulnerability Lab.
Coordination done by CERT@VDE.