CVE-2023-4089
Last modified
CVE-2023-4089 is a low-severity vulnerability rated 2.7/10 on the CVSS scale. On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.. EPSS estimates a 0.47% chance of exploitation in the next 30 days.
Description
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wago | Compact Controller 100 Firmware | >= 19, <= 26 |
| Wago | Edge Controller Firmware | >= 18, <= 26 |
| Wago | Pfc100 Firmware | >= 16, <= 26 |
| Wago | Pfc200 Firmware | >= 16, <= 26 |
| Wago | Touch Panel 600 Advanced Firmware | >= 16, <= 26 |
| Wago | Touch Panel 600 Marine Firmware | >= 16, <= 26 |
| Wago | Touch Panel 600 Standard Firmware | >= 16, <= 26 |
References
- https://cert.vde.com/en/advisories/VDE-2023-046/Third Party Advisory
- https://cert.vde.com/en/advisories/VDE-2023-046/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-4089?
How severe is CVE-2023-4089?
How do I fix CVE-2023-4089?
Are you affected by CVE-2023-4089?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST