Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC’s.
The Web-Based Management (WBM) of WAGOs industrial managed switches is typically used for administration, commissioning and updates.
The reported vulnerabilities allow an attacker with access to the device and the Web-Based Management, to install malware, access to password hashes and create user with admin credentials.
The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
Older firmware versions of the PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
All newer Firmware releases since FW11, released in December 2017, are not affected.
UPDATE A
Additional, affected devices:
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
The SNMP configuration page of the device is vulnerable for a persistent XSS (Cross-Site Scripting) attack.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
With special crafted requests it is possible to change some special parameters without authentication.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.
With special crafted requests it is possible to change some special parameters without authentication.