ICSA-16-357-02  ·  Published 2025-06-05

WAGO Ethernet Web-based Management Authentication Bypass Vulnerability

CVSS 9.1 CRITICAL

CVEs (1)

Remediations

WAGO recommends the following use conditions for Ethernet devices. If not otherwise specified, Ethernet devices are intended for use on local networks. Users should note the following when using Ethernet devices:

  • Do not connect control components and control networks to an open network such as the Internet or an office network. WAGO recommends putting control components and control networks behind a firewall.
  • Limit physical and electronic access to all automation components to authorized personnel only.
  • Change the default passwords before first use, and change passwords regularly. This will reduce the risk of unauthorized access to systems.
  • If remote access to control components and control networks is required, use a Virtual Private Network (VPN).
  • Regularly perform threat analyses. Check whether the measures taken meet company security requirements.
  • Use “defense-in-depth” mechanisms in the system’s security configuration to restrict the access to and control of individual products and networks.

Affected Vendors

WAGO

Affected Products (3)

WAGO · WAGO 750-8202/PFC200 <FW04
WAGO · WAGO 750-881 <FW09
WAGO · WAGO 0758-0874-0000-0111 vers:all/*
