CVE-2022-50926

Summary

WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication.

Affected Software

VendorProductVersion RangeStatus
WagoWAGO 750-8212 PFC200Firmware version 03.05.10(17)affected

Weaknesses

  • CWE-565: Reliance on Cookies without Validation and Integrity Checking

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References