ICSA-19-106-02
·
Published 2019-04-16
·
View on CISA ICS-CERT ↗
WAGO Series 750-88x and 750-87x
CVSS 9.8
CRITICAL
Risk Summary
This vulnerability allows a remote attacker to change the settings or alter the programming of the device.
CVEs (1)
Remediations
- WAGO released a security advisory available at:https://www.wago.com/de/download/public/Sicherheitshinweis-SA-SYS-2019-001/SA-SYS-2019-001.pdf
- Restrict network access to the web server.
- Restrict network access to the device.
- Do not directly connect the device to the Internet.
- CERT@VDE has published an advisory regarding this vulnerability at the following location:
Affected Vendors
WAGO
Affected Products (16)
WAGO
·
750-880
< FW14
WAGO
·
750-871
< FW11
WAGO
·
750-872
< FW07
WAGO
·
750-884
< FW14
WAGO
·
750-882
< FW14
WAGO
·
750-829
< FW14
WAGO
·
750-881
< FW14
WAGO
·
750-830
< FW06
WAGO
·
750-849
< FW08
WAGO
·
750-852
< FW14
WAGO
·
750-885
< FW14
WAGO
·
750-873
< FW07
WAGO
·
750-889
< FW14
WAGO
·
750-330
< FW14
WAGO
·
750-352
< FW14
WAGO
·
750-831
< FW14
Affected Sectors
Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more