The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
References
| Link | Resource |
|---|---|
| https://cert.vde.com/en-us/advisories/vde-2020-045 | Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
History
No history.
Information
Published : 2020-12-17 23:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-12522
Mitre link : CVE-2020-12522
CVE.ORG link : CVE-2020-12522
JSON object : View
Products Affected
wago
- 750-8208\/025-001
- 750-8202\/040-000
- 750-8207\/025-001
- 750-8212\/025-002
- 750-8211\/040-000
- pfc_100_firmware
- 750-8206\/025-001
- 750-8206\/040-001
- 750-8210\/025-000
- 762-6204\/8000-001
- 762-4303\/8000-002
- 750-8213\/040-010
- 750-8202\/040-001
- 750-8101\/025-000
- 750-8216\/025-001
- 750-8210\/040-000
- touch_panel_600_advanced_firmware
- pfc_200_firmware
- 762-4301\/8000-002
- 762-6203\/8000-001
- touch_panel_600_marine_firmware
- 750-8217\/025-000
- 762-6202\/8000-001
- 750-8212\/040-000
- 750-8206\/025-000
- 750-8206\/040-000
- 750-8208\/025-000
- 762-5304\/8000-002
- 750-8102\/025-000
- 750-8216\/025-000
- 762-4304\/8000-002
- 750-8211\/040-001
- 762-6201\/8000-001
- 762-4302\/8000-002
- 750-8202\/000-012
- 750-8212\/025-001
- 750-8202\/000-022
- 750-8212\/025-000
- 750-8212\/040-010
- touch_panel_600_standard_firmware
- 762-5303\/8000-002
- 750-8207\/025-000
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')