CVE-2020-12522
Last modified
CVE-2020-12522 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.. EPSS estimates a 2.93% chance of exploitation in the next 30 days.
Description
The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wago | Pfc 100 Firmware | <= 10 |
| Wago | Pfc 200 Firmware | <= 10 |
| Wago | Touch Panel 600 Standard Firmware | <= 10 |
| Wago | Touch Panel 600 Advanced Firmware | <= 10 |
| Wago | Touch Panel 600 Marine Firmware | <= 10 |
References
- https://cert.vde.com/en-us/advisories/vde-2020-045Third Party Advisory
- https://cert.vde.com/en-us/advisories/vde-2020-045Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-12522?
How severe is CVE-2020-12522?
How do I fix CVE-2020-12522?
Are you affected by CVE-2020-12522?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST