ICSA-20-308-01
·
Published 2020-12-15
·
View on CISA ICS-CERT ↗
WAGO Series 750-88x and 750-352 (Update A)
CVSS 7.5
HIGH
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to crash the device being accessed using a denial-of-service attack.
CVEs (1)
Remediations
- WAGO recommends updating to the latest firmware, Version FW14
- Restrict network access to the device.
- Do not directly connect the device to the Internet.
- Disable unused TCP/UDP ports.
- CERT@VDE has published an advisory regarding this vulnerability.
Affected Vendors
WAGO
Affected Products (10)
WAGO
·
750-352
< FW11
WAGO
·
750-885
< FW11
WAGO
·
750-882
< FW11
WAGO
·
750-881
< FW11
WAGO
·
750-880/xxx-xxx
< FW11
WAGO
·
750-831/xxx-xxx
< FW11
WAGO
·
750-889
< FW11
WAGO
·
750-331/xxx-xxx
< FW11
WAGO
·
750-852
< FW11
WAGO
·
750-829
< FW11
Affected Sectors
Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more