Overview
- Description
- The MMS Interpreter of WagoAppRTU in versions below 1.4.6.0 which is used by the WAGO Telecontrol Configurator is vulnerable to malformed packets. An remote unauthenticated attacker could send specifically crafted packets that lead to a denial-of-service condition until restart of the affected device.
- Source
- info@cert.vde.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- info@cert.vde.com
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wago:telecontrol_configurator:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABC2D31E-C831-4293-93B2-3D7A7F58F272"
},
{
"criteria": "cpe:2.3:a:wago:wagoapprtu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD685DB5-5DF9-472D-A899-69B2444368B0",
"versionEndExcluding": "1.4.6.0"
}
],
"operator": "OR"
}
]
}
]