CVE-2023-1620 – WAGO: DoS in multiple products in multiple versions using Codesys
https://notcve.org/view.php?id=CVE-2023-1620
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •
CVE-2023-1619 – WAGO: DoS in multiple versions of multiple products
https://notcve.org/view.php?id=CVE-2023-1619
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. • https://cert.vde.com/en/advisories/VDE-2023-006 • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •
CVE-2021-34569 – WAGO I/O-Check Service prone to Out-of-bounds Write
https://notcve.org/view.php?id=CVE-2021-34569
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. En WAGO I/O-Check Service en varios productos, un atacante puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para bloquear la herramienta de diagnóstico y escribir en la memoria. • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-787: Out-of-bounds Write •
CVE-2021-34568 – WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling
https://notcve.org/view.php?id=CVE-2021-34568
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. En WAGO I/O-Check Service en varios productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS). • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-34567 – WAGO I/O-Check Service prone to Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2021-34567
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read. En WAGO I/O-Check Service en múltiples productos, un atacante remoto no autenticado puede enviar un paquete especialmente manipulado que contiene comandos del Sistema Operativo para provocar una Denegación de Servicio (DoS) y una lectura fuera de los límites limitada. • https://cert.vde.com/en/advisories/VDE-2020-036 • CWE-125: Out-of-bounds Read •