CVE-2020-12516

WAGO: PLC families 750-88x and 750-352 prone to DoS attack

CVSS 7.5 HIGHEPSS 1.9%CWE-400

In short

Older versions of WAGO PLC controllers (750-88x and 750-352 models) can be forced to stop working through a specially crafted denial of service attack, disrupting industrial operations that depend on these devices.

Technical detail

The vulnerability affects WAGO PLC firmware versions FW1 through FW10 in the 750-88x and 750-352 families, allowing remote attackers to trigger a denial of service condition via a specially crafted request, resulting in unavailability of critical industrial control systems.

Summary generated and translated by AI from the official description.

Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

WAGO · 750-331/xxx-xxx WAGO · 750-352 WAGO · 750-829 WAGO · 750-831/xxx-xxx WAGO · 750-852 WAGO · 750-880/xxx-xxx WAGO · 750-881 WAGO · 750-882 WAGO · 750-885 WAGO · 750-889

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert.vde.com/en-us/advisories/vde-2020-042 https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01