CVE-2020-12506
9.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Exploitability: 3.9 / Impact: 5.2
Source: NVD (Secondary)
Description
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO 750-862, WAGO 750-891, WAGO 750-890/xxx-xxx in versions FW03 and prior versions.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 362 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 363 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 823 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 832 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 862 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 891 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Up to fw03 |
| Running on/with | Platform Versions |
|---|---|
Wago 750 890 | All versions |
References (2)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.