PT-2018-16972 · Wago · Codesys Runtime

Published: 2018-02-13 · Updated: 2019-10-09 · CVE-2018-5459

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X through 2.4.X

Description: An issue with improper authentication was found, allowing an attacker to perform unauthenticated remote operations. This is due to the CoDeSys Runtime application being available by default on the network via Port 2455. An attacker can execute commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.

Recommendations: For versions 2.3.X through 2.4.X, consider restricting access to Port 2455 to minimize the risk of exploitation. As a temporary workaround, limit the ability to send TCP packets to this port until a patch is available.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2018-5459

Affected Products

Codesys Runtime