CVE-2024-1490

Summary

An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on the device.

Affected Software

VendorProductVersion RangeStatus
WAGOCC100 (0751-9x01)0.0.0 <= 4.5.10affected
WAGOPFC100 G1 (0750-810-xxxx-xxxx)0.0.0 <= 3.10.10affected
WAGOPFC100 G2 (0750-811x-xxxx-xxxx)0.0.0 <= 4.5.10affected
WAGOPFC200 G1 (750-820x-xxxx-xxxx)0.0.0 <= 3.10.10affected
WAGOPFC200 G2 (750-821x-xxxx-xxxx)0.0.0 <= 4.5.10affected
WAGOTP600 (0762-420x-8000-000x)0.0.0 <= FW 26affected
WAGOTP600 (0762-430x-8000-000x)0.0.0 <= 4.5.10affected
WAGOTP600 (0762-520x-8000-000x)0.0.0 <= 4.5.10affected
WAGOTP600 (0762-530x-8000-000x)0.0.0 <= 4.5.10affected
WAGOTP600 (0762-620x-8000-000x)0.0.0affected
WAGOTP600 (0762-630x-8000-000x)0.0.0 <= 4.5.10affected
WAGOEdge Controller (0752-8303-8000-0002)0.0.0 <= 4.5.10affected
WAGOWP400 (0762-340x)0.0.0 <= 4.5.10affected

Weaknesses

  • CWE-94: CWE-94 Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References