Multiple WAGO product families are prone to multiple vulnerabilities affecting CODESYS control runtime system.



The Linux kernel starting from 5.8 has a flaw which can lead to privilege escalation for a local user. The kernel is used in several Versions of the FW of several WAGO products. All vulnerable PLCs are listed in chapter ‘Affected Products’.



WAGO: Web-Based Management Cross-Site Scripting

The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks.



A vulnerability is reported in WIBU-SYSTEMS Codemeter. WIBU-SYSTEMS Codemeter is installed by default during e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) installations. All currently existing e!COCKPIT installation bundles and WAGO-I/O-Pro (CODESYS 2.3) installation bundles are affected with vulnerable versions of WIBU-SYSTEMS Codemeter.



Apache Log4j is used for logging events in WAGO Smart Script in Version 4.2 and higher.  Events logged by Log4j can contain JNDI references. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Additionally, Log4j does not protect from self-referential lookups, which can lead to Denial of Service.

UPDATE A1/2: 
Affected versions:

CVE-2021-44228 and CVE-2021-45046:
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.3

CVE-2021-45105:
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.4

CVE-2021-44832
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.5

END UPDATE A1/2



Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLCs. All vulnerable PLCs are listed in chapter ‘Affected Products’.
https://www.codesys.com/security/security-reports.html



A Denial-of-Service Vulnerability was reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC’s. All vulnerable PLCs are listed in chapter ‘Affected Products’.
https://www.codesys.com/security/security-reports.html



Multiple vulnerabilities were reported in the Nucleus Real-Time Operating System (RTOS). The Nucleus RTOS is an essential component in several WAGO PLCs and fieldbus coupler. WAGO uses older Versions of the Nucleus RTOS also in legacy products.

For additional information please consult the official Siemens advisory:

• Advisory SSA-044112



Feeds

By Vendor

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0