CVE-2019-5079

Name of the Vulnerable Software and Affected Versions WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12) WAGO PFC100 Firmware version 03.00.39(12)

Description A heap buffer overflow issue exists in the iocheckd service "I/O-Check" functionality. This can be triggered by a specially crafted set of packets, potentially resulting in code execution. An attacker can send unauthenticated packets to exploit this issue.

Recommendations For WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), update to a version that fixes the iocheckd service "I/O-Check" functionality issue. For WAGO PFC100 Firmware version 03.00.39(12), update to a version that fixes the iocheckd service "I/O-Check" functionality issue. As a temporary workaround, consider restricting access to the iocheckd service to minimize the risk of exploitation.