CVE-2023-1150

Summary

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.

Affected Software

VendorProductVersion RangeStatus
WAGO750-3320 <= FW10affected
WAGO750-362/xxx-xxx0 <= FW10affected
WAGO750-363/xxx-xxx0 <= FW10affected
WAGO750-364/xxx-xxx0 <= FW10affected
WAGO750-365/xxx-xxx0 <= FW10affected
WAGO750-8230 <= FW10affected
WAGO750-832/xxx-xxx0 <= FW10affected
WAGO750-8620 <= FW10affected
WAGO750-890/xxx-xxx0 <= FW10affected
WAGO750-8910 <= FW10affected
WAGO750-8930 <= FW10affected

Weaknesses

  • CWE-772: CWE-772 Missing Release of Resource after Effective Lifetime

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References