The TCP/IP stack and of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities. Nucleus NET is utilized by BLUEMARK X1 / LED / CLED.
The abovementioned BLUEMARK printers are discontinued and only impacted by a subset of 8 of the 13 discovered vulnerabilities.
Apache Log4j is used for logging events in WAGO Smart Script in Version 4.2 and higher. Events logged by Log4j can contain JNDI references. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Additionally, Log4j does not protect from self-referential lookups, which can lead to Denial of Service.
UPDATE A1/2:
Affected versions:
CVE-2021-44228 and CVE-2021-45046:
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.3
CVE-2021-45105:
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.4
CVE-2021-44832
WAGO Smart Script >= Version 4.2 and < Version 4.8.1.5
END UPDATE A1/2
An issue was discovered in the myREX24 and myREX24-virtual software in all versions through V2.9.0.
Multiple Vulnerabilities in a software service of shDIALUP can lead to arbitrary code execution due to improper privilege management.
Update A, 2022-03-28
Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLCs. All vulnerable PLCs are listed in chapter ‘Affected Products’.
https://www.codesys.com/security/security-reports.html
A Denial-of-Service Vulnerability was reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC’s. All vulnerable PLCs are listed in chapter ‘Affected Products’.
https://www.codesys.com/security/security-reports.html
Multiple vulnerabilities were reported in the Nucleus Real-Time Operating System (RTOS). The Nucleus RTOS is an essential component in several WAGO PLCs and fieldbus coupler. WAGO uses older Versions of the Nucleus RTOS also in legacy products.
For additional information please consult the official Siemens advisory:
• Advisory SSA-044112
Cross-site scripting in web-based management and memory leak in the remote logging function of FL MGUARD 1102 and FL MGUARD 1105.
CVE-2021-34582:
The file upload functionality in the web-based management is affected by a stored cross-site scripting vulnerability (CWE-79: Improper Neutralization of Input During Web Page Generation). An authenticated FL MGUARD user with Admin or Super Admin role can upload a certificate file on the Basic settings > LDAP page, on the Logs > Remote logging page, or through the REST API. The content of this file is embedded into the corresponding web page, and any
HTML code within the file is rendered when the page is viewed by the same or a different authenticated user.
CVE-2021-34598:
The remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active (CWE-770: Allocation of Resources Without Limits or Throttling).