CVE-2021-21000

Summary

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

Affected Software

VendorProductVersion RangeStatus
WAGOSeries PFC200 Controller750-823 <= FW07affected
WAGOSeries PFC200 Controller750-829 <= FW14affected
WAGOSeries PFC200 Controller750-831/000-00x <= FW14affected
WAGOSeries PFC200 Controller750-832/000-00x <= FW06affected
WAGOSeries PFC200 Controller750-852 <= FW14affected
WAGOSeries PFC200 Controller750-862 <= FW07affected
WAGOSeries PFC200 Controller750-880/0xx-xxx <= FW15affected
WAGOSeries PFC200 Controller750-881 <= FW14affected
WAGOSeries PFC200 Controller750-882 <= FW14affected
WAGOSeries PFC200 Controller750-885/0xx-xxx <= FW14affected
WAGOSeries PFC200 Controller750-889 <= FW14affected
WAGOSeries PFC200 Controller750-890/0xx-xxx <= FW07affected
WAGOSeries PFC200 Controller750-891 <= FW07affected
WAGOSeries PFC200 Controller750-893 <= FW07affected
WAGOSeries Ethernet Controller750-8202/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8203/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8204/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8206/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8207/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8208/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8210/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8211/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8212/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8213/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8214/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8216/xxx-xxx < 03.06.19 (18)affected
WAGOSeries Ethernet Controller750-8217/xxx-xxx < 03.06.19 (18)affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

Workarounds

Use general security best practices to protect systems from local and network attacks. Do not allow direct access to the device from untrusted networks. Update to the latest firmware according to the table in chapter solutions.

ADP Enrichment

CVE Program Container

Additional References

References