CVE-2018-5459
Vulnerability from cvelistv5
Published
2018-02-13 21:00
Modified
2024-08-05 05:33
Severity ?
Summary
An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.
References
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-18-044-01Third Party Advisory, US Government Resource
Impacted products
n/aWAGO PFC200 Series
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:44.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WAGO PFC200 Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "WAGO PFC200 Series"
            }
          ]
        }
      ],
      "datePublic": "2018-02-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-13T20:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-5459",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WAGO PFC200 Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WAGO PFC200 Series"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-5459",
    "datePublished": "2018-02-13T21:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T05:33:44.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-5459\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2018-02-13T21:29:00.207\",\"lastModified\":\"2019-10-09T23:41:24.033\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema de autenticaci\u00f3n indebida en WAGO PFC200 Series 3S CoDeSys Runtime, versiones 2.3.X y 2.4.X. Un atacante puede ejecutar diferentes operaciones remotas sin autenticaci\u00f3n gracias a la aplicaci\u00f3n CoDeSys Runtime, que est\u00e1 disponible en red por defecto en el puerto 2455. Un atacante podr\u00eda ejecutar algunos comandos sin autenticaci\u00f3n, como la lectura, escritura o eliminaci\u00f3n de archivos arbitrarios, as\u00ed como manipular la aplicaci\u00f3n PLC durante el tiempo de ejecuci\u00f3n mediante el env\u00edo de paquetes TCP especialmente manipulados al puerto 2455.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"02.07.07\\\\(10\\\\)\",\"matchCriteriaId\":\"047F293C-809E-4931-A018-54BCEBD4BD10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8202:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B02096-81A5-4823-94F3-D87F389397DE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8202\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FC647C3-A602-412F-A4DA-5ED092E2779C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8202\\\\/025-001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B99800-C5E6-4001-BCBA-2DB5E3CF7D8D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8202\\\\/025-002:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEF4C2B9-4C44-4F83-B0D5-220A1525D254\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8202\\\\/040-001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4E35ACF-6C0A-4C9F-83A8-6CBAF927BE43\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8203:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC428EC8-532A-4825-BCE3-C42A4BC01C68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8203\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E35209-C3F2-4251-9CB5-094FA9B0D076\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AF14BE1-1EB5-423B-9FE7-E401AEF92553\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8204\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40B3E682-F1FD-4ADD-B1B8-89D7BA93B3FD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8206:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E17ECC4-D7AE-485C-A2EF-4148817F9DB8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8206\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6196935C-97E0-40A2-AF06-03CB72E40B0E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8206\\\\/025-001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2892D5-A691-48A9-ACC9-236A50E6A40E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8207:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA98A0D9-B050-430B-96C5-15932438FD3A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8207\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F56DA20-D82B-48C7-B4AD-8534367E8D83\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8207\\\\/025-001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C5C4BAD-7268-4367-A112-60E1A2EF6AF3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8208:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C86098FC-E63E-4676-8BA1-ADCA30795558\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-8208\\\\/025-000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FFE4FF4-4EE4-493F-A8CF-968215142EF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"688A3248-7EAA-499D-A47C-A4D4900CDBD1\"}]}]}],\"references\":[{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.