Vulnerability-Lookup

CVE-2023-1698 (GCVE-0-2023-1698)

Vulnerability from cvelistv5 – Published: 2023-05-15 08:51 – Updated: 2025-01-23 19:13

KEVIntel

Title

WAGO: WBM Command Injection in multiple products

Summary

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Assigner

CERTVDE

References

1 reference

URL	Tags
https://cert.vde.com/en/advisories/VDE-2023-007/

Impacted products

7 products

Vendor	Product	Version
WAGO	Compact Controller CC100	Affected: FW20 , ≤ FW22 (semver) Affected: FW23
WAGO	Edge Controller	Affected: FW22
WAGO	PFC100	Affected: FW20 , ≤ FW22 (semver) Affected: FW23
WAGO	PFC200	Affected: FW20 , ≤ FW22 (semver) Affected: FW23
WAGO	Touch Panel 600 Advanced Line	Affected: FW22
WAGO	Touch Panel 600 Marine Line	Affected: FW22
WAGO	Touch Panel 600 Standard Line	Affected: FW22

Credits

Quentin Kaiser from ONEKEY

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 6d5a97ef-6ac4-4c1f-af8f-9e85427b3574

Vulnerability ID: CVE-2023-1698

Status: Confirmed

Status Updated: 2025-07-07 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2025-07-07

Asserted: 2025-07-07

Scope

Notes: KEVIntel entry: WAGO: WBM Command Injection in multiple products | Affected: WAGO / Compact Controller CC100, Edge Controller, PFC100, PFC200, Touch Panel 600 Advanced Line, Touch Panel 600 Marine Line, Touch Panel 600 Standard Line | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: True

Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	WAGO: WBM Command Injection in multiple products
Vendor	WAGO
Product	Compact Controller CC100, Edge Controller, PFC100, PFC200, Touch Panel 600 Advanced Line, Touch Panel 600 Marine Line, Touch Panel 600 Standard Line
Added Date	2025-07-07T00:00:00.000Z
Cvss Score	9.8
Epss Score	None
Cvss Severity	CRITICAL
Epss Percentile	None
Used In Malware	unknown
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	True

References

Created: 2026-06-19 12:46 UTC | Updated: 2026-06-19 12:46 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:57:24.816Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1698",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-23T19:12:48.907770Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-23T19:13:09.654Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Compact Controller CC100",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Edge Controller",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PFC100",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PFC200",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Advanced Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Marine Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Standard Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Quentin Kaiser from ONEKEY"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise."
            }
          ],
          "value": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-15T08:51:27.453Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
        }
      ],
      "source": {
        "advisory": "VDE-2023-007",
        "defect": [
          "CERT@VDE#64422"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "WAGO: WBM Command Injection in multiple products",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2023-1698",
    "datePublished": "2023-05-15T08:51:27.453Z",
    "dateReserved": "2023-03-29T13:00:05.618Z",
    "dateUpdated": "2025-01-23T19:13:09.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-1698",
      "date": "2026-06-22",
      "epss": "0.81911",
      "percentile": "0.99607"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20\", \"versionEndIncluding\": \"23\", \"matchCriteriaId\": \"8700EAE8-69B3-4F39-9540-EB3EB11CAB82\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"532907AF-7E4A-4065-A799-753FC3313D6C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17FE837A-4BAB-4963-AC1F-5BEEE769AF0C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DFC57C8-6AF4-4771-B0A0-744137FBFECF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20\", \"versionEndIncluding\": \"23\", \"matchCriteriaId\": \"F462A5D8-4488-432E-8A63-FEE9B7215398\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F636354-95A2-4B36-9666-1FA57F185432\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"20\", \"versionEndIncluding\": \"23\", \"matchCriteriaId\": \"29246E43-1289-45FB-A996-35DE3E6D8B67\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"688A3248-7EAA-499D-A47C-A4D4900CDBD1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A613D7C-29C0-4D4E-ACDA-15BBC6FF0104\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8221861-7455-41D5-B310-6AEA822B46CF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"774CFF47-61B6-48F8-8E1F-E3DC215066AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83DEFFBC-934D-43BE-92AE-25F8EE8C1E0A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA7A911A-395A-4536-8756-83DB2F62899D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6D7A44C-2D95-4F69-A7DB-435B0A6F9F03\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.\"}]",
      "id": "CVE-2023-1698",
      "lastModified": "2024-11-21T07:39:43.320",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-05-15T09:15:09.510",
      "references": "[{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-007/\", \"source\": \"info@cert.vde.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-007/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "info@cert.vde.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-1698\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2023-05-15T09:15:09.510\",\"lastModified\":\"2024-11-21T07:39:43.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20\",\"versionEndIncluding\":\"23\",\"matchCriteriaId\":\"8700EAE8-69B3-4F39-9540-EB3EB11CAB82\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532907AF-7E4A-4065-A799-753FC3313D6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17FE837A-4BAB-4963-AC1F-5BEEE769AF0C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DFC57C8-6AF4-4771-B0A0-744137FBFECF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20\",\"versionEndIncluding\":\"23\",\"matchCriteriaId\":\"F462A5D8-4488-432E-8A63-FEE9B7215398\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F636354-95A2-4B36-9666-1FA57F185432\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20\",\"versionEndIncluding\":\"23\",\"matchCriteriaId\":\"29246E43-1289-45FB-A996-35DE3E6D8B67\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"688A3248-7EAA-499D-A47C-A4D4900CDBD1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A613D7C-29C0-4D4E-ACDA-15BBC6FF0104\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8221861-7455-41D5-B310-6AEA822B46CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"774CFF47-61B6-48F8-8E1F-E3DC215066AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DEFFBC-934D-43BE-92AE-25F8EE8C1E0A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7A911A-395A-4536-8756-83DB2F62899D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6D7A44C-2D95-4F69-A7DB-435B0A6F9F03\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-007/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-007/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:57:24.816Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-1698\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-23T19:12:48.907770Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-23T19:12:59.446Z\"}}], \"cna\": {\"title\": \"WAGO: WBM Command Injection in multiple products\", \"source\": {\"defect\": [\"CERT@VDE#64422\"], \"advisory\": \"VDE-2023-007\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Quentin Kaiser from ONEKEY\"}], \"impacts\": [{\"capecId\": \"CAPEC-88\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-88 OS Command Injection\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"WAGO\", \"product\": \"Compact Controller CC100\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW20\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW22\"}, {\"status\": \"affected\", \"version\": \"FW23\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Edge Controller\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW22\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC100\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW20\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW22\"}, {\"status\": \"affected\", \"version\": \"FW23\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"PFC200\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW20\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW22\"}, {\"status\": \"affected\", \"version\": \"FW23\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Touch Panel 600 Advanced Line\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW22\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Touch Panel 600 Marine Line\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW22\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Touch Panel 600 Standard Line\", \"versions\": [{\"status\": \"affected\", \"version\": \"FW22\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-007/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2023-05-15T08:51:27.453Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-1698\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-23T19:13:09.654Z\", \"dateReserved\": \"2023-03-29T13:00:05.618Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2023-05-15T08:51:27.453Z\", \"assignerShortName\": \"CERTVDE\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-1698

Vulnerability from fkie_nvd - Published: 2023-05-15 09:15 - Updated: 2026-06-17 05:28

KEVIntel

Severity

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	info@cert.vde.com	https://cert.vde.com/en/advisories/VDE-2023-007/	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert.vde.com/en/advisories/VDE-2023-007/	Third Party Advisory

Impacted products

Vendor	Product	Version
wago	compact_controller_100_firmware	*
wago	compact_controller_100	-
wago	edge_controller_firmware	22
wago	edge_controller	-
wago	pfc100_firmware	*
wago	pfc100	-
wago	pfc200_firmware	*
wago	pfc200	-
wago	touch_panel_600_advanced_firmware	22
wago	touch_panel_600_advanced	-
wago	touch_panel_600_marine_firmware	22
wago	touch_panel_600_marine	-
wago	touch_panel_600_standard_firmware	22
wago	touch_panel_600_standard	-

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "Compact Controller CC100",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Edge Controller",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PFC100",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PFC200",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW22",
              "status": "affected",
              "version": "FW20",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "FW23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Advanced Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Marine Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Touch Panel 600 Standard Line",
          "vendor": "WAGO",
          "versions": [
            {
              "status": "affected",
              "version": "FW22"
            }
          ]
        }
      ],
      "source": "info@cert.vde.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8700EAE8-69B3-4F39-9540-EB3EB11CAB82",
              "versionEndIncluding": "23",
              "versionStartIncluding": "20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "532907AF-7E4A-4065-A799-753FC3313D6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*",
              "matchCriteriaId": "17FE837A-4BAB-4963-AC1F-5BEEE769AF0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFC57C8-6AF4-4771-B0A0-744137FBFECF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F462A5D8-4488-432E-8A63-FEE9B7215398",
              "versionEndIncluding": "23",
              "versionStartIncluding": "20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F636354-95A2-4B36-9666-1FA57F185432",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29246E43-1289-45FB-A996-35DE3E6D8B67",
              "versionEndIncluding": "23",
              "versionStartIncluding": "20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "688A3248-7EAA-499D-A47C-A4D4900CDBD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A613D7C-29C0-4D4E-ACDA-15BBC6FF0104",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8221861-7455-41D5-B310-6AEA822B46CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*",
              "matchCriteriaId": "774CFF47-61B6-48F8-8E1F-E3DC215066AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DEFFBC-934D-43BE-92AE-25F8EE8C1E0A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*",
              "matchCriteriaId": "FA7A911A-395A-4536-8756-83DB2F62899D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D7A44C-2D95-4F69-A7DB-435B0A6F9F03",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise."
    }
  ],
  "id": "CVE-2023-1698",
  "lastModified": "2026-06-17T05:28:34.097",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "info@cert.vde.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2023-1698",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-01-23T19:12:48.907770Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2023-05-15T09:15:09.510",
  "references": [
    {
      "source": "info@cert.vde.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
    }
  ],
  "sourceIdentifier": "info@cert.vde.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "info@cert.vde.com",
      "type": "Secondary"
    }
  ]
}

GHSA-VF3G-HQQF-R379

Vulnerability from github – Published: 2023-05-15 09:30 – Updated: 2024-04-04 04:04

Details

Severity

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-1698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-15T09:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.",
  "id": "GHSA-vf3g-hqqf-r379",
  "modified": "2024-04-04T04:04:56Z",
  "published": "2023-05-15T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1698"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2023-007"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-1698

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-1698

Aliases

CVE-2023-1698

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-1698",
    "id": "GSD-2023-1698"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-1698"
      ],
      "details": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.",
      "id": "GSD-2023-1698",
      "modified": "2023-12-13T01:20:41.754720Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "info@cert.vde.com",
        "ID": "CVE-2023-1698",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Compact Controller CC100",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "FW20",
                          "version_value": "FW22"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "FW23"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Edge Controller",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "FW22"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "PFC100",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "FW20",
                          "version_value": "FW22"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "FW23"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "PFC200",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "FW20",
                          "version_value": "FW22"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "FW23"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Touch Panel 600 Advanced Line",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "FW22"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Touch Panel 600 Marine Line",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "FW22"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Touch Panel 600 Standard Line",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "FW22"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "WAGO"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Quentin Kaiser from ONEKEY"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-78",
                "lang": "eng",
                "value": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert.vde.com/en/advisories/VDE-2023-007/",
            "refsource": "MISC",
            "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
          }
        ]
      },
      "source": {
        "advisory": "VDE-2023-007",
        "defect": [
          "CERT@VDE#64422"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "ID": "CVE-2023-1698"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en/advisories/VDE-2023-007/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2023-007/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-05-26T17:09Z",
      "publishedDate": "2023-05-15T09:15Z"
    }
  }
}

VAR-202305-1415

Vulnerability from variot - Updated: 2023-12-18 13:46

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. compact controller 100 firmware, Edge Controller firmware, PFC100 firmware etc. WAGO The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202305-1415",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "touch panel 600 advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "wago",
        "version": "22"
      },
      {
        "model": "compact controller 100",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "20"
      },
      {
        "model": "pfc100",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "23"
      },
      {
        "model": "compact controller 100",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "23"
      },
      {
        "model": "pfc100",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "20"
      },
      {
        "model": "edge controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "wago",
        "version": "22"
      },
      {
        "model": "pfc200",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "23"
      },
      {
        "model": "pfc200",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "wago",
        "version": "20"
      },
      {
        "model": "touch panel 600 standard",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "wago",
        "version": "22"
      },
      {
        "model": "touch panel 600 marine",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "wago",
        "version": "22"
      },
      {
        "model": "compact controller 100",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "touch panel 600 marine",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "pfc200",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "edge controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "pfc100",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "touch panel 600 standard",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "touch panel 600 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "23",
                    "versionStartIncluding": "20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "cve": "CVE-2023-1698",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "info@cert.vde.com",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2023-009971",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "info@cert.vde.com",
            "id": "CVE-2023-1698",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2023-009971",
            "trust": 0.8,
            "value": "Critical"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. compact controller 100 firmware, Edge Controller firmware, PFC100 firmware etc. WAGO The product has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-1698"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-1698",
        "trust": 2.7
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2023-007",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971",
        "trust": 0.8
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-1698",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-1698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "id": "VAR-202305-1415",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.65716723
  },
  "last_update_date": "2023-12-18T13:46:01.870000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      },
      {
        "problemtype": "OS Command injection (CWE-78) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://cert.vde.com/en/advisories/vde-2023-007/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-1698"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-1698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-1698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-1698"
      },
      {
        "date": "2023-12-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "date": "2023-05-15T09:15:09.510000",
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-05-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-1698"
      },
      {
        "date": "2023-12-07T05:39:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      },
      {
        "date": "2023-05-26T17:09:45.837000",
        "db": "NVD",
        "id": "CVE-2023-1698"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0WAGO\u00a0 In the product \u00a0OS\u00a0 Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-009971"
      }
    ],
    "trust": 0.8
  }
}

VDE-2023-007

Vulnerability from csaf_wagogmbhcokg - Published: 2023-05-15 08:00 - Updated: 2025-05-22 13:03

Summary

WAGO: Unauthenticated command execution via Web-based-management UPDATE A

Notes

Summary: The 'legal information' plugin of web-based-management contained a vulnerability which allowed execution of arbitrary commands with privileges of www user. UPDATE A 15.06.2023 : Removed PFC100 with FW23 as affected product and from solution PFC200 with FW23 is only affected on 750-821x/xxx-xxx Renamed "FW22 Patch 1" to "FW22 SP1" to match the versions of the download portal

Impact: Exploiting the vulnerability provides arbitrary command execution with privileges of the 'www' user. Via this flaw an attacker can change device configuration, create users or even take over the system.

Mitigation: As general security measures strongly WAGO recommends: Use general security best practices to protect systems from local and network attacks. Do not allow direct access to the device from untrusted networks. Update to the latest firmware according to the table in chapter solutions. Industrial control systems (ICS) should not be directly accessible from the Internet, but should be protected by consistently applying the defense-in-depth strategy. The BSI provides general information on securing ICS in the ICS Compendium (https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/ICS/ICS-Security_compendium.pdf).

Remediation: Wago recommends all affected users to update to the firmware version listed below: | Article No° | Product Name | Fixed Version | |----------------------|------------------------------|----------------------------------| | 751-9301 | Compact Controller CC100 | FW24 | | 752-8303/8000-002 | Edge Controller | FW22 | | 752-8303/8000-002 | Edge Controller | FW24 | | 750-81xx/xxx-xxx | PFC100 | FW22 SP1 | | 750-82xx/xxx-xxx | PFC200 | FW22 SP1 l | | 750-821x/xxx-xxx | PFC200 | FW24 | | 762-5xxx | Touch Panel 600 Advanced Line| FW22 SP1 | | 762-5xxx | Touch Panel 600 Advanced Line| FW24 | | 762-6xxx | Touch Panel 600 Marine Line | FW22 SP1 | | 762-6xxx | Touch Panel 600 Marine Line | FW24 | | 762-4xxx | Touch Panel 600 Standard Line| FW22 SP1 | | 762-4xxx | Touch Panel 600 Standard Line| FW24 |

CVE-2023-1698

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Mitigation As general security measures strongly WAGO recommends: Use general security best practices to protect systems from local and network attacks. Do not allow direct access to the device from untrusted networks. Update to the latest firmware according to the table in chapter solutions. Industrial control systems (ICS) should not be directly accessible from the Internet, but should be protected by consistently applying the defense-in-depth strategy. The BSI provides general information on securing ICS in the ICS Compendium (https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/ICS/ICS-Security_compendium.pdf).

Vendor Fix Wago recommends all affected users to update to the firmware version listed below: | Article No° | Product Name | Fixed Version | |----------------------|------------------------------|----------------------------------| | 751-9301 | Compact Controller CC100 | FW24 | | 752-8303/8000-002 | Edge Controller | FW22 | | 752-8303/8000-002 | Edge Controller | FW24 | | 750-81xx/xxx-xxx | PFC100 | FW22 SP1 | | 750-82xx/xxx-xxx | PFC200 | FW22 SP1 l | | 750-821x/xxx-xxx | PFC200 | FW24 | | 762-5xxx | Touch Panel 600 Advanced Line| FW22 SP1 | | 762-5xxx | Touch Panel 600 Advanced Line| FW24 | | 762-6xxx | Touch Panel 600 Marine Line | FW22 SP1 | | 762-6xxx | Touch Panel 600 Marine Line | FW24 | | 762-4xxx | Touch Panel 600 Standard Line| FW22 SP1 | | 762-4xxx | Touch Panel 600 Standard Line| FW24 |

Affected products

Fixed 7 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—
Unresolved product id: CSAFPID-32003		—
Unresolved product id: CSAFPID-32004		—
Unresolved product id: CSAFPID-32005		—
Unresolved product id: CSAFPID-32006		—
Unresolved product id: CSAFPID-32007		—

Known affected 9 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—
Unresolved product id: CSAFPID-31009		—

References

4 references

URL	Category
https://certvde.com/en/advisories/VDE-2023-007/	self
https://wago.csaf-tp.certvde.com/.well-known/csaf…	self
https://www.wago.com/psirt	external
https://certvde.com/en/advisories/vendor/wago/	external

Acknowledgments

CERT@VDE certvde.com

ONEKEY Quentin Kaiser

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Quentin Kaiser"
        ],
        "organization": "ONEKEY",
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The \u0027legal information\u0027 plugin of web-based-management contained a vulnerability which allowed execution of arbitrary commands with privileges of www user.\nUPDATE A 15.06.2023 :\n\nRemoved PFC100 with FW23 as affected product and from solution\nPFC200 with FW23 is only affected on\u00a0750-821x/xxx-xxx\nRenamed \"FW22 Patch 1\" to \"FW22 SP1\" to match the versions of the download portal",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Exploiting the vulnerability provides arbitrary command execution with privileges of the \u0027www\u0027 user. Via this flaw an attacker can change device configuration, create users or even take over the system.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "As general security measures strongly WAGO recommends:\n\nUse general security best practices to protect systems from local and network attacks.\nDo not allow direct access to the device from untrusted networks.\nUpdate to the latest firmware according to the table in chapter solutions.\nIndustrial control systems (ICS) should not be directly accessible from the Internet, but should be protected by consistently applying the defense-in-depth strategy.\n\nThe BSI provides general information on securing ICS in the ICS Compendium (https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/ICS/ICS-Security_compendium.pdf).",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Wago recommends all affected users to update to the firmware version listed below:\n\n| Article No\u00b0          | Product Name                 | Fixed Version                    |\n|----------------------|------------------------------|----------------------------------|\n| 751-9301             | Compact Controller CC100     | FW24                             |\n| 752-8303/8000-002    | Edge Controller              | FW22   |\n| 752-8303/8000-002    | Edge Controller              | FW24                             |\n| 750-81xx/xxx-xxx     | PFC100                       | FW22 SP1   |\n| 750-82xx/xxx-xxx     | PFC200                       | FW22 SP1 l  |\n| 750-821x/xxx-xxx     | PFC200                       | FW24                             |\n| 762-5xxx             | Touch Panel 600 Advanced Line| FW22 SP1   |\n| 762-5xxx             | Touch Panel 600 Advanced Line| FW24                             |\n| 762-6xxx             | Touch Panel 600 Marine Line  | FW22 SP1  |\n| 762-6xxx             | Touch Panel 600 Marine Line  | FW24                             |\n| 762-4xxx             | Touch Panel 600 Standard Line| FW22 SP1  |\n| 762-4xxx             | Touch Panel 600 Standard Line| FW24                             |",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-007: WAGO: Unauthenticated command execution via Web-based-management UPDATE A - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-007/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-007: WAGO: Unauthenticated command execution via Web-based-management UPDATE A - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-007.json"
      },
      {
        "category": "external",
        "summary": "WAGO PSIRT",
        "url": "https://www.wago.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/wago/"
      }
    ],
    "title": "WAGO: Unauthenticated command execution via Web-based-management UPDATE A",
    "tracking": {
      "aliases": [
        "VDE-2023-007"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-05-05T11:33:12.946Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2023-007",
      "initial_release_date": "2023-05-15T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-05-15T08:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "2",
          "summary": "Fix: quotation mark"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Compact Controller 100",
                "product": {
                  "name": "Compact Controller 100",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "751-9301"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Edge Controller",
                "product": {
                  "name": "Edge Controller",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "752-8303/8000-002"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "PFC100",
                "product": {
                  "name": "PFC100",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-81xx/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "PFC200",
                "product": {
                  "name": "PFC200",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-821x/xxx-xxx",
                      "750-82xx/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Touch Panel 600 Advanced Line",
                "product": {
                  "name": "Touch Panel 600 Advanced Line",
                  "product_id": "CSAFPID-11005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "762-5xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Touch Panel 600 Marine Line",
                "product": {
                  "name": "Touch Panel 600 Marine Line",
                  "product_id": "CSAFPID-11006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "762-6xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Touch Panel 600 Standard Line",
                "product": {
                  "name": "Touch Panel 600 Standard Line",
                  "product_id": "CSAFPID-11007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "762-4xxx"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "FW23",
                "product": {
                  "name": "Firmware FW23",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version_range",
                "name": "FW20\u003c=FW22",
                "product": {
                  "name": "Firmware FW20 \u003c= FW22",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version",
                "name": "FW22",
                "product": {
                  "name": "Firmware FW22",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version",
                "name": "FW24",
                "product": {
                  "name": "Firmware FW24",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "category": "product_version",
                "name": "FW22 SP1",
                "product": {
                  "name": "Firmware FW22 SP1",
                  "product_id": "CSAFPID-22002"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "WAGO"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW23 installed on Compact Controller 100",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW20 \u003c= FW22 installed on Edge Controller",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW22 installed on PFC100",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW20 \u003c= FW22 installed on PFC200",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW23 installed on Touch Panel 600 Advanced Line",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW20 \u003c= FW22 installed on Touch Panel 600 Marine Line",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW22 installed on Touch Panel 600 Standard Line",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on Compact Controller 100",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on Edge Controller",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on PFC100",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW22 SP1 installed on PFC200",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on Touch Panel 600 Advanced Line",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on Touch Panel 600 Marine Line",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW24 installed on Touch Panel 600 Standard Line",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW22 installed on Compact Controller 100",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW23 installed on PFC200",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-1698",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "As general security measures strongly WAGO recommends:\n\nUse general security best practices to protect systems from local and network attacks.\nDo not allow direct access to the device from untrusted networks.\nUpdate to the latest firmware according to the table in chapter solutions.\nIndustrial control systems (ICS) should not be directly accessible from the Internet, but should be protected by consistently applying the defense-in-depth strategy.\n\nThe BSI provides general information on securing ICS in the ICS Compendium (https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/ICS/ICS-Security_compendium.pdf).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Wago recommends all affected users to update to the firmware version listed below:\n\n| Article No\u00b0          | Product Name                 | Fixed Version                    |\n|----------------------|------------------------------|----------------------------------|\n| 751-9301             | Compact Controller CC100     | FW24                             |\n| 752-8303/8000-002    | Edge Controller              | FW22   |\n| 752-8303/8000-002    | Edge Controller              | FW24                             |\n| 750-81xx/xxx-xxx     | PFC100                       | FW22 SP1   |\n| 750-82xx/xxx-xxx     | PFC200                       | FW22 SP1 l  |\n| 750-821x/xxx-xxx     | PFC200                       | FW24                             |\n| 762-5xxx             | Touch Panel 600 Advanced Line| FW22 SP1   |\n| 762-5xxx             | Touch Panel 600 Advanced Line| FW24                             |\n| 762-6xxx             | Touch Panel 600 Marine Line  | FW22 SP1  |\n| 762-6xxx             | Touch Panel 600 Marine Line  | FW24                             |\n| 762-4xxx             | Touch Panel 600 Standard Line| FW22 SP1  |\n| 762-4xxx             | Touch Panel 600 Standard Line| FW24                             |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009"
          ]
        }
      ],
      "title": "CVE-2023-1698"
    }
  ]
}

VDE-2024-054

Vulnerability from csaf_endresshauserag - Published: 2024-10-21 08:00 - Updated: 2025-05-22 13:03

Summary

Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities

Notes

Summary: Several vulnerabilities have been identified in the web-based management of WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser. Additionally, a guideline on secure operation of these solutions has been made available.

Impact: With Cross-Site-Scripting it would be possible to attack a user's Web Browser, thereby potentially leaking data, including personal and device data, to other 3rd parties. In case of leaked backup data, then credentials used to authenticate with the remote services are also compromised.\ If the attacker has physical access to the component, then * The devices connected to the components may no longer be available in Netilion. * The data received by Netilion from the connected devices could be manipulated data. * The components could be a vector in other cyber-attacks. * Data from the components and connected devices could be leaked to 3rd parties.

Mitigation: If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of the Web Based Management tool from the internet. This can be achieved by using a network element, such as a router, which hides and secures the components from the internet.

Remediation: Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the vulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For support, please contact your local service center.

General Recommendations: Endress+Hauser recommends using the solutions only in a secure environment and to allow access to their components only to authorized persons.\ In this context, Endress+Hauser characterizes a secure environment as follows: 1. The secure environment consists of three domains: - Operational Technology (OT), here: Network for process automation. - Information Technology (IT), here: Corporate network for information processing and with Internet connection. - Netilion Cloud: Endress+Hauser's cloud based IIoT ecosystem. 2. The edge device and its connected field devices are in the OT domain. - Information is transferred from the edge device to the IT domain. 3. The communication between the OT domain and the IT domain should be protected by a firewall. 4. The communication between the IT domain and the Netilion Cloud should be protected by a firewall.

CVE-2022-45138

The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-306 - Missing Authentication for Critical Function

Mitigation If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of the Web Based Management tool from the internet. This can be achieved by using a network element, such as a router, which hides and secures the components from the internet.

Vendor Fix Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the vulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For support, please contact your local service center.

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

CVE-2022-45140

The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise. users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-306 - Missing Authentication for Critical Function

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

CVE-2023-1698

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters that can lead to full compromise of the device.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

CVE-2022-45137

The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

CVE-2022-45139

A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-346 - Origin Validation Error

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

References

3 references

URL	Category
https://certvde.com/en/advisories/vendor/endress+hauser	external
https://certvde.com/en/advisories/VDE-2024-054	self
https://endress-hauser.csaf-tp.certvde.com/.well-…	self

Acknowledgments

CERT@VDE certvde.com

ONEKEY Quentin Kaiser onekey.com

Georgia Institute of Technology's Cyber-Physical Security Lab Ryan Pickren

ONEKEY Quentin Kaiser onekey.com

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Quentin Kaiser"
        ],
        "organization": "ONEKEY",
        "summary": "reporting the CVE-2023-1698",
        "urls": [
          "https://onekey.com"
        ]
      },
      {
        "names": [
          "Ryan Pickren"
        ],
        "organization": "Georgia Institute of Technology\u0027s Cyber-Physical Security Lab",
        "summary": "reporting the other vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Several vulnerabilities have been identified in the web-based management of WAGO devices utilized in\nEndress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been\nintegrated into the solutions by Endress+Hauser. Additionally, a guideline on secure operation of these\nsolutions has been made available.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "With Cross-Site-Scripting it would be possible to attack a user\u0027s Web Browser, thereby potentially leaking\ndata, including personal and device data, to other 3rd parties. In case of leaked backup data, then credentials\nused to authenticate with the remote services are also compromised.\\\nIf the attacker has physical access to the component, then\n* The devices connected to the components may no longer be available in Netilion.\n* The data received by Netilion from the connected devices could be manipulated data.\n* The components could be a vector in other cyber-attacks.\n* Data from the components and connected devices could be leaked to 3rd parties.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "Endress+Hauser recommends using the solutions only in a secure environment and to allow access to their components only to authorized persons.\\\nIn this context, Endress+Hauser characterizes a secure environment as follows:\n1. The secure environment consists of three domains:\n    - Operational Technology (OT), here: Network for process automation.\n    - Information Technology (IT), here: Corporate network for information processing and with Internet connection.\n    - Netilion Cloud: Endress+Hauser\u0027s cloud based IIoT ecosystem.\n2. The edge device and its connected field devices are in the OT domain.\n    - Information is transferred from the edge device to the IT domain.\n3. The communication between the OT domain and the IT domain should be protected by a firewall.\n4. The communication between the IT domain and the Netilion Cloud should be protected by a firewall.",
        "title": "General Recommendations"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@endress.com",
      "name": "Endress+Hauser AG",
      "namespace": "https://www.endress.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Endress+Hauser",
        "url": "https://certvde.com/en/advisories/vendor/endress+hauser"
      },
      {
        "category": "self",
        "summary": "VDE-2024-054: Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-054"
      },
      {
        "category": "self",
        "summary": "VDE-2024-054: Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities - CSAF",
        "url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-054.json"
      }
    ],
    "title": "Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities",
    "tracking": {
      "aliases": [
        "VDE-2024-054"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2024-10-21T07:08:20.983Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.12"
        }
      },
      "id": "VDE-2024-054",
      "initial_release_date": "2024-10-21T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-10-21T08:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2024-11-06T11:27:01.000Z",
          "number": "2",
          "summary": "Fix: correct certvde domain, added self-reference"
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "3",
          "summary": "Fix: version space, quotation mark"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Compact Controller CC 100 (751-9301) ",
                "product": {
                  "name": "Endress+Hauser Compact Controller CC 100 (751-9301) ",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "PFC 200 (750-82xx/xxx-xxx) ",
                "product": {
                  "name": "Endress+Hauser PFC 200 (750-82xx/xxx-xxx) ",
                  "product_id": "CSAFPID-11002"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "FW20",
                "product": {
                  "name": "Endress+Hauser FW20",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "FW23",
                "product": {
                  "name": "Endress+Hauser FW23",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version",
                "name": "FW17",
                "product": {
                  "name": "Endress+Hauser FW17",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version",
                "name": "FW22",
                "product": {
                  "name": "Endress+Hauser FW22",
                  "product_id": "CSAFPID-21004"
                }
              },
              {
                "category": "product_version",
                "name": "FW25",
                "product": {
                  "name": "Endress+Hauser FW25",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Endress+Hauser"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW20 installed on Endress+Hauser Compact Controller CC 100 (751-9301)",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW23 installed on Endress+Hauser Compact Controller CC 100 (751-9301)",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW17 installed on Endress+Hauser PFC 200 (750-82xx/xxx-xxx)",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW22 installed on Endress+Hauser PFC 200 (750-82xx/xxx-xxx)",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW25 installed on Endress+Hauser Compact Controller CC 100 (751-9301)",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Endress+Hauser FW25 installed on Endress+Hauser PFC 200 (750-82xx/xxx-xxx)",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Ryan Pickren"
          ],
          "organization": "Georgia Institute of Technology\u0027s Cyber-Physical Security Lab",
          "summary": "reporting"
        }
      ],
      "cve": "CVE-2022-45138",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated\nusers should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device\nparameters that can lead to full compromise of the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2022-45138"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Ryan Pickren"
          ],
          "organization": "Georgia Institute of Technology\u0027s Cyber-Physical Security Lab",
          "summary": "reporting"
        }
      ],
      "cve": "CVE-2022-45140",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could\nlead to unauthenticated remote code execution and full system compromise.\nusers should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device\nparameters that can lead to full compromise of the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2022-45140"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Quentin Kaiser"
          ],
          "organization": "ONEKEY",
          "summary": "reporting",
          "urls": [
            "https://onekey.com"
          ]
        }
      ],
      "cve": "CVE-2023-1698",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the\ndevice configuration which can result in unintended behaviour, Denial of Service and full system compromise.\nusers should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device\nparameters that can lead to full compromise of the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2023-1698"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Ryan Pickren"
          ],
          "organization": "Georgia Institute of Technology\u0027s Cyber-Physical Security Lab",
          "summary": "reporting"
        }
      ],
      "cve": "CVE-2022-45137",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that\ntargets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 6.1,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 6.1,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2022-45137"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Ryan Pickren"
          ],
          "organization": "Georgia Institute of Technology\u0027s Cyber-Physical Security Lab",
          "summary": "reporting"
        }
      ],
      "cve": "CVE-2022-45139",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "notes": [
        {
          "audience": "all",
          "category": "description",
          "text": "A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic\ninformation pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like\nCPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of\nconfidentiality.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If an immediate firmware update is not possible, the only way to prevent an attack is to prevent the access of\nthe Web Based Management tool from the internet. This can be achieved by using a network element, such\nas a router, which hides and secures the components from the internet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Endress+Hauser provides updated firmware versions for the related components from WAGO which fixes the\nvulnerability. Endress+Hauser strongly recommends customers to update to the new fixed version. For\nsupport, please contact your local service center.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2022-45139"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-1698 (GCVE-0-2023-1698)

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Successful Exploitation Confidence: 70% Source: kevintel

Details

References

FKIE_CVE-2023-1698

GHSA-VF3G-HQQF-R379

GSD-2023-1698

VAR-202305-1415

VDE-2023-007

VDE-2024-054

Tags

Sightings

Nomenclature