Risk Summary
Successful exploitation of this vulnerability could allow an attacker with administrative privileges can access sensitive files in an unintended, undocumented way.
CVEs (1)
Remediations
- As general security measures strongly WAGO recommends:
- Use general security best practices to protect systems from local and network attacks.
- Do not allow direct access to the device from untrusted networks.
- Update to the latest firmware (FW27) according to the table in VDE-2023-046.
- CERT@VDE has published advisory VDE-2023-046 for this vulnerability.
Affected Vendors
WAGO
Affected Products (7)
WAGO
·
Compact Controller CC100
>FW19_up_to_and_including_FW26
WAGO
·
Edge Controller
>FW18_up_to_and_including_FW26
WAGO
·
PFC100
>FW16_up_to_and_including_FW26
WAGO
·
PFC200
>FW16_up_to_and_including_FW26
WAGO
·
Touch Panel 600 Advanced Line
>FW16_up_to_and_including_FW26
WAGO
·
Touch Panel 600 Marine Line
>FW16_up_to_and_including_FW26
WAGO
·
Touch Panel 600 Standard Line
>FW16_up_to_and_including_FW26
Affected Sectors
Commercial Facilities, Critical Manufacturing, Energy, and Transportation Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more