CVE-2020-12522

Published Dec 17, 2020
Last updated 4 years ago
CVSS critical 9.8
Overview

Description: The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
Source: info@cert.vde.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL
CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-78
info@cert.vde.com: CWE-78
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:wago:pfc_100_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "231443A9-A38B-48D2-8686-EBAE040BC53C",
            "versionEndIncluding": "10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:wago:750-8101\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD1E36F3-C876-4427-A19A-2CE099D46FB6"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8102\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "59142ED2-02A8-44B3-8F0F-9C106542F55A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:wago:pfc_200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45099EEC-C92C-434A-A271-9095C7F1AD93",
            "versionEndIncluding": "10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:wago:750-8202\\/000-012:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B3D005CB-5D55-4142-8A5B-A005AC2FC239"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8202\\/000-022:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "38796792-5D69-41BA-84B8-792151B1FC6B"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8202\\/040-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "977A1B79-8D15-49D8-8C58-F7B1FFDF0E8D"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8202\\/040-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4E35ACF-6C0A-4C9F-83A8-6CBAF927BE43"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8206\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6196935C-97E0-40A2-AF06-03CB72E40B0E"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8206\\/025-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1E2892D5-A691-48A9-ACC9-236A50E6A40E"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8206\\/040-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49A39AFE-BC17-4A09-ABCE-271C2BB9AA07"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8206\\/040-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B851D224-DFC0-4D96-AE88-0B7AF75FBCD8"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8207\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6F56DA20-D82B-48C7-B4AD-8534367E8D83"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8207\\/025-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5C5C4BAD-7268-4367-A112-60E1A2EF6AF3"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8208\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8FFE4FF4-4EE4-493F-A8CF-968215142EF4"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8208\\/025-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B32F6244-FB19-4629-BCAB-A544C031E4BA"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8210\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CF7C8131-3BE2-4515-81F0-1C7644B622B3"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8210\\/040-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50421963-086D-4B34-BCDA-1EA971708B73"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8211\\/040-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4921C3E3-0ED0-4ECB-B791-BE3AE48D6F92"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8211\\/040-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8E6D37B-E7CF-401E-86F0-0E17694CF3C3"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8212\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31B9A7B1-2457-44E7-9753-DC5828281892"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8212\\/025-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9EC1F538-875D-4337-A42E-A837173B30FF"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8212\\/025-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A81CC3BB-60A3-451F-BC34-F1D03517B0E1"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8212\\/040-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "26478046-3D53-45DB-B5B9-EE160383C9E2"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8212\\/040-010:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF110184-7737-417A-8C9C-2F30FA8091C0"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8213\\/040-010:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "764647F1-F01F-42CD-94B6-D46494BDC1A0"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8216\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FAD81900-6337-4EB9-ABA5-836452AF3E59"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8216\\/025-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E3ED9EED-726C-4217-ABFE-CE0DE8BB902E"
          },
          {
            "criteria": "cpe:2.3:h:wago:750-8217\\/025-000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6494874B-DB89-4C9C-BF6E-EB775D19C6B5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:wago:touch_panel_600_standard_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C8477B-8399-46D5-BFCE-E8D68F9F0A95",
            "versionEndIncluding": "10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:wago:762-4301\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD64BCDC-A7F2-4E8C-886D-C0D9268D0DA8"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-4302\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5FDBE05B-7ACB-4DB5-8D2F-7FCEC626E161"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-4303\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3A5421E8-67EA-4D0D-889F-A64DA70E7695"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-4304\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4DB95678-6815-4FB6-AA22-E6FEC011B269"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:wago:touch_panel_600_advanced_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C5FDEF0-45DF-4BD0-80EC-3D8AD467846F",
            "versionEndIncluding": "10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:wago:762-5303\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9D4FF612-453D-4287-8989-2779A6F6A0A7"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-5304\\/8000-002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "80089A85-1174-4E47-BC36-69DD11A3FFF8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:wago:touch_panel_600_marine_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "878F774F-B317-4FCC-8E2A-D496E19F710C",
            "versionEndIncluding": "10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:wago:762-6201\\/8000-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2BEE4ED-2C15-4E52-8FEC-BB7B5742274F"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-6202\\/8000-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF4E78EB-C91E-4E92-AF9F-90300EE96E03"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-6203\\/8000-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C98F37AB-BFC5-49C2-B8FD-21AA0266C703"
          },
          {
            "criteria": "cpe:2.3:h:wago:762-6204\\/8000-001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "422F9EEC-8516-4692-93DE-BB0F385D2BD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
