CVE-2021-21000

WAGO: PFC200 Denial of Service due to the number of connections to the runtime

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

En dispositivos WAGO PFC200 en diferentes versiones de firmware con paquetes especiales diseñados, un atacante con acceso de red al dispositivo podría causar una denegación de servicio para el servicio de inicio de sesión del tiempo de ejecución

*Credits: These vulnerabilities were reported by JSC Positive Technologies (Vyacheslav Moskvin, Anton Dorfman, Sergey Fedonin, Ivan Kurnakov, Denis Goryushev). Coordination done by CERT@VDE.

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-12-17 CVE Reserved
2021-05-24 CVE Published
2024-02-07 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-770: Allocation of Resources Without Limits or Throttling

CAPEC

References (1)

URL	Tag	Source
https://cert.vde.com/en-us/advisories/vde-2021-014	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Wago Search vendor "Wago"	750-823 Firmware Search vendor "Wago" for product "750-823 Firmware"	<= fw07 Search vendor "Wago" for product "750-823 Firmware" and version " <= fw07"	-	Affected	in	Wago Search vendor "Wago"	750-823 Search vendor "Wago" for product "750-823"	-	-	Safe
Wago Search vendor "Wago"	750-829 Firmware Search vendor "Wago" for product "750-829 Firmware"	<= fw14 Search vendor "Wago" for product "750-829 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-829 Search vendor "Wago" for product "750-829"	-	-	Safe
Wago Search vendor "Wago"	750-831 Firmware Search vendor "Wago" for product "750-831 Firmware"	<= fw14 Search vendor "Wago" for product "750-831 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-831 Search vendor "Wago" for product "750-831"	-	-	Safe
Wago Search vendor "Wago"	750-832 Firmware Search vendor "Wago" for product "750-832 Firmware"	<= fw06 Search vendor "Wago" for product "750-832 Firmware" and version " <= fw06"	-	Affected	in	Wago Search vendor "Wago"	750-832 Search vendor "Wago" for product "750-832"	-	-	Safe
Wago Search vendor "Wago"	750-852 Firmware Search vendor "Wago" for product "750-852 Firmware"	<= fw14 Search vendor "Wago" for product "750-852 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-852 Search vendor "Wago" for product "750-852"	-	-	Safe
Wago Search vendor "Wago"	750-862 Firmware Search vendor "Wago" for product "750-862 Firmware"	<= fw07 Search vendor "Wago" for product "750-862 Firmware" and version " <= fw07"	-	Affected	in	Wago Search vendor "Wago"	750-862 Search vendor "Wago" for product "750-862"	-	-	Safe
Wago Search vendor "Wago"	750-880 Firmware Search vendor "Wago" for product "750-880 Firmware"	<= fw15 Search vendor "Wago" for product "750-880 Firmware" and version " <= fw15"	-	Affected	in	Wago Search vendor "Wago"	750-880 Search vendor "Wago" for product "750-880"	-	-	Safe
Wago Search vendor "Wago"	750-881 Firmware Search vendor "Wago" for product "750-881 Firmware"	<= fw14 Search vendor "Wago" for product "750-881 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-881 Search vendor "Wago" for product "750-881"	-	-	Safe
Wago Search vendor "Wago"	750-882 Firmware Search vendor "Wago" for product "750-882 Firmware"	<= fw14 Search vendor "Wago" for product "750-882 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-882 Search vendor "Wago" for product "750-882"	-	-	Safe
Wago Search vendor "Wago"	750-885 Firmware Search vendor "Wago" for product "750-885 Firmware"	<= fw14 Search vendor "Wago" for product "750-885 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-885 Search vendor "Wago" for product "750-885"	-	-	Safe
Wago Search vendor "Wago"	750-889 Firmware Search vendor "Wago" for product "750-889 Firmware"	<= fw14 Search vendor "Wago" for product "750-889 Firmware" and version " <= fw14"	-	Affected	in	Wago Search vendor "Wago"	750-889 Search vendor "Wago" for product "750-889"	-	-	Safe
Wago Search vendor "Wago"	750-890 Firmware Search vendor "Wago" for product "750-890 Firmware"	<= fw07 Search vendor "Wago" for product "750-890 Firmware" and version " <= fw07"	-	Affected	in	Wago Search vendor "Wago"	750-890 Search vendor "Wago" for product "750-890"	-	-	Safe
Wago Search vendor "Wago"	750-891 Firmware Search vendor "Wago" for product "750-891 Firmware"	<= fw07 Search vendor "Wago" for product "750-891 Firmware" and version " <= fw07"	-	Affected	in	Wago Search vendor "Wago"	750-891 Search vendor "Wago" for product "750-891"	-	-	Safe
Wago Search vendor "Wago"	750-893 Firmware Search vendor "Wago" for product "750-893 Firmware"	<= fw07 Search vendor "Wago" for product "750-893 Firmware" and version " <= fw07"	-	Affected	in	Wago Search vendor "Wago"	750-893 Search vendor "Wago" for product "750-893"	-	-	Safe
Wago Search vendor "Wago"	750-8202 Firmware Search vendor "Wago" for product "750-8202 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8202 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8202 Search vendor "Wago" for product "750-8202"	-	-	Safe
Wago Search vendor "Wago"	750-8203 Firmware Search vendor "Wago" for product "750-8203 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8203 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8203 Search vendor "Wago" for product "750-8203"	-	-	Safe
Wago Search vendor "Wago"	750-8204 Firmware Search vendor "Wago" for product "750-8204 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8204 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8204 Search vendor "Wago" for product "750-8204"	-	-	Safe
Wago Search vendor "Wago"	750-8206 Firmware Search vendor "Wago" for product "750-8206 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8206 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8206 Search vendor "Wago" for product "750-8206"	-	-	Safe
Wago Search vendor "Wago"	750-8207 Firmware Search vendor "Wago" for product "750-8207 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8207 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8207 Search vendor "Wago" for product "750-8207"	-	-	Safe
Wago Search vendor "Wago"	750-8208 Firmware Search vendor "Wago" for product "750-8208 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8208 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8208 Search vendor "Wago" for product "750-8208"	-	-	Safe
Wago Search vendor "Wago"	750-8210 Firmware Search vendor "Wago" for product "750-8210 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8210 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8210 Search vendor "Wago" for product "750-8210"	-	-	Safe
Wago Search vendor "Wago"	750-8211 Firmware Search vendor "Wago" for product "750-8211 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8211 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8211 Search vendor "Wago" for product "750-8211"	-	-	Safe
Wago Search vendor "Wago"	750-8212 Firmware Search vendor "Wago" for product "750-8212 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8212 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8212 Search vendor "Wago" for product "750-8212"	-	-	Safe
Wago Search vendor "Wago"	750-8213 Firmware Search vendor "Wago" for product "750-8213 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8213 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8213 Search vendor "Wago" for product "750-8213"	-	-	Safe
Wago Search vendor "Wago"	750-8214 Firmware Search vendor "Wago" for product "750-8214 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8214 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8214 Search vendor "Wago" for product "750-8214"	-	-	Safe
Wago Search vendor "Wago"	750-8216 Firmware Search vendor "Wago" for product "750-8216 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8216 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8216 Search vendor "Wago" for product "750-8216"	-	-	Safe
Wago Search vendor "Wago"	750-8217 Firmware Search vendor "Wago" for product "750-8217 Firmware"	< 03.06.19_\(18\) Search vendor "Wago" for product "750-8217 Firmware" and version " < 03.06.19_\(18\)"	-	Affected	in	Wago Search vendor "Wago"	750-8217 Search vendor "Wago" for product "750-8217"	-	-	Safe