#VU10574 Authentication bypass in WAGO products - CVE-2018-5459

Vulnerability identifier: #VU10574

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2018-5459

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
WAGO PFC200 Series 750-8208/025-000
WAGO PFC200 Series 750-8208
WAGO PFC200 Series 750-8207/025-001
WAGO PFC200 Series 750-8207/025-000
WAGO PFC200 Series 750-8207
WAGO PFC200 Series 750-8206/025-001
WAGO PFC200 Series 750-8206/025-000
WAGO PFC200 Series 750-8206
WAGO PFC200 Series 750-8204/025-000
WAGO PFC200 Series 750-8204
WAGO PFC200 Series 750-8203/025-000
WAGO PFC200 Series 750-8203
WAGO PFC200 Series 750-8202/040-001
WAGO PFC200 Series 750-8202/025-002
WAGO PFC200 Series 750-8202/025-001
WAGO PFC200 Series 750-8202/025-000
WAGO PFC200 Series 750-8202

Software vendor:
WAGO

The vulnerability allows a remote attacker can bypass authentication on the target system.

The weakness exists due improper authentication. A remote attacker can send specially-crafted TCP packets to Port 2455, bypass authentication, execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Install update from vendor's website.

• http://global.wago.com/media/2_products/security/Sec-Advisory_CoDeSys.pdf