A vulnerability in the web-based management (WBM) of WAGOs programmable logic controller (PLC) could allow an unauthenticated remote attacker to retrieve sensitive information.
The MAC address filter as part of the firewall has a flaw, which prevents the MAC address filter to be active after restart. In this way a remote attacker is able to circumvent the MAC address filtering after a reboot of a device.
UPDATE A: Solution has updated release dates
UPDATE B: Solution has updated release dates
This Advisory is published with reference to:
The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.
See also: Siemens Advisory published October 11th, 2022 - SSA-313313
Multiple WAGO product families are prone to multiple vulnerabilities affecting CODESYS control runtime system.
Multiple WAGO product families are prone to multiple vulnerabilities affecting CODESYS control runtime system.
The Linux kernel starting from 5.8 has a flaw which can lead to privilege escalation for a local user. The kernel is used in several Versions of the FW of several WAGO products. All vulnerable PLCs are listed in chapter ‘Affected Products’.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks.