|Article No°||Product Name||Affected Version(s)|
|750-81xx/xxx-xxx (PFC100)||< FW15|
|750-82xx/xxx-xxx (PFC200)||< FW15|
The reported vulnerabilities allow a remote attacker to change the setting, delete the application, set the device to factory defaults, code execution and to cause a system crash or denial of service.
The following products are affected by the listed vulnerabilities:
Series PFC100 (750-81xx/xxx-xxx)
Series PFC200 (750-82xx/xxx-xxx)
The following products are affected by the vulnerability CVE-2019-5078
750-852, 750-831/xxx-xxx, 750-881, 750-880/xxx-xxx, 750-889
750-823, 750-832/xxx-xxx, 750-862, 750-890/xxx-xxx, 750-891
These vulnerabilities allow an attacker to manipulate the settings or disturb the basic function of the device via specially crafted IP packets. This can be potentially used to get control of the device.
The I/O-Check service protocol is only needed during installation and commissioning, not during normal operations. It is highly recommended to disable the IP-port 6626 after commissioning. This is the easiest and securest way to protect your device for the listed vulnerabilities and for upcoming zero day exploits.
Regardless of the action described above, the following CVEs can be fixed alternatively by a firmware update >= FW 15.
This vulnerability was reported by Kelly Leuschner of Cisco Talos to WAGO coordinated by CERT@VDE.