• 1
  • 2 (current)

PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2.
This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.

Firmware components in version 2021.06 had already been updated. For the 2022.0 LTS version more firmware components have been updated implicitly fixing the vulnerabilities listed. The vulnerabilities listed above have not been individually verified in terms of actual impact and/or limitations in combination with the affected products listed. The current LTS release 2022.0 LTS contains updates of integrated third-party libraries, SDKs and other third-party software to address these issues nevertheless.

UPDATE A (April 4th, 2022): Added RFC 4072 (Art. No. 1051328) and fixed affected version of AXC F 3152 



The Linux kernel starting from 5.8 has a flaw which can lead to privilege escalation for a local user. The kernel is used in several Versions of the FW of several WAGO products. All vulnerable PLCs are listed in chapter ‘Affected Products’.



  • 1
  • 2 (current)

Feeds

Nach Hersteller

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Legende

(Scoring für CVSS 2.0,3.0+3.1)
keine
Kein CVE verfügbar
Niedrig
0.1 <= 3.9
Mittel
4.0 <= 6.9
Hoch
7.0 <= 8.9
Kritisch
9.0 <= 10.0