CVSS: 6.1EPSS: 0%CPEs: 202EXPL: 0CVE-2023-1620 – WAGO: DoS in multiple products in multiple versions using Codesys
https://notcve.org/view.php?id=CVE-2023-1620
26 Jun 2023 — Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •
CVSS: 6.1EPSS: 0%CPEs: 202EXPL: 0CVE-2023-1619 – WAGO: DoS in multiple versions of multiple products
https://notcve.org/view.php?id=CVE-2023-1619
26 Jun 2023 — Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •
CVSS: 10.0EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34569 – WAGO I/O-Check Service prone to Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2021-34569
09 Nov 2022 — In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. En WAGO I/O-Check Service en varios productos, un atacante puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para bloquear la herramienta de diagnóstico y escribir en la memoria. In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to cras... • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34568 – WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling
https://notcve.org/view.php?id=CVE-2021-34568
09 Nov 2022 — In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. En WAGO I/O-Check Service en varios productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS). In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet... • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.5EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34567 – WAGO I/O-Check Service prone to Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2021-34567
09 Nov 2022 — In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read. En WAGO I/O-Check Service en múltiples productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS) y una lectura fuera de los límites limitada. In WAGO I/O-Check Service in multipl... • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34566 – WAGO I/O-Check Service prone to Memory Overflow
https://notcve.org/view.php?id=CVE-2021-34566
09 Nov 2022 — In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS. En WAGO I/O-Check Service en varios productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para bloquear el proceso iocheck y escribir en la memoria, lo que resulta en pérdida de integridad y DoS. In WA... • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 156EXPL: 0CVE-2022-3281 – WAGO: multiple products - Loss of MAC-Address-Filtering after reboot
https://notcve.org/view.php?id=CVE-2022-3281
17 Oct 2022 — WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter. WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller en varias versiones son propensos a perder el filtrado de direcciones MAC tras el reinicio. Esto puede permitir a un a... • https://cert.vde.com/en/advisories/VDE-2022-042 • CWE-440: Expected Behavior Violation •