CVE-2020-12522
Severity CVSS v4.0:
Pending analysis
Type:
CWE-78
OS Command Injections
Publication date:
17/12/2020
Last modified:
23/12/2020
Description
The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:wago:pfc_100_firmware:*:*:*:*:*:*:*:* | 10 (including) | |
cpe:2.3:h:wago:750-8101\/025-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8102\/025-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:wago:pfc_200_firmware:*:*:*:*:*:*:*:* | 10 (including) | |
cpe:2.3:h:wago:750-8202\/000-012:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8202\/000-022:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8202\/040-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8202\/040-001:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8206\/025-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8206\/025-001:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8206\/040-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8206\/040-001:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8207\/025-000:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8207\/025-001:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:wago:750-8208\/025-000:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page