CVSS: 9.8EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34569 – WAGO I/O-Check Service prone to Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2021-34569
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. En WAGO I/O-Check Service en varios productos, un atacante puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para bloquear la herramienta de diagnóstico y escribir en la memoria. • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34568 – WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling
https://notcve.org/view.php?id=CVE-2021-34568
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. En WAGO I/O-Check Service en varios productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS). • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.2EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34567 – WAGO I/O-Check Service prone to Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2021-34567
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read. En WAGO I/O-Check Service en múltiples productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS) y una lectura fuera de los límites limitada. • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 245EXPL: 0CVE-2021-34566 – WAGO I/O-Check Service prone to Memory Overflow
https://notcve.org/view.php?id=CVE-2021-34566
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS. En WAGO I/O-Check Service en varios productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para bloquear el proceso iocheck y escribir en la memoria, lo que resulta en pérdida de integridad y DoS. • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 156EXPL: 0CVE-2022-3281 – WAGO: multiple products - Loss of MAC-Address-Filtering after reboot
https://notcve.org/view.php?id=CVE-2022-3281
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter. WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller en varias versiones son propensos a perder el filtrado de direcciones MAC tras el reinicio. Esto puede permitir a un atacante remoto omitir el alcance de la red que debería estar protegida por el filtro de direcciones MAC • https://cert.vde.com/en/advisories/VDE-2022-042 • CWE-440: Expected Behavior Violation •