Uwe Disch

Name of the Vulnerable Software and Affected Versions: WAGO 750-831/xxx-xxx versions FW4 through FW15 WAGO 750-880/xxx-xxx versions FW4 through FW15 WAGO 750-881 versions FW4 through FW15 WAGO 750-889 versions FW4 through FW15 Description: The issue is related to a Missing Release of Resource after Effective Lifetime vulnerability in the OpenSSL implementation. This allows an unauthenticated attacker to cause a Denial of Service (DoS) on the device. Recommendations: For WAGO 750-831/xxx-xxx versions FW4 through FW15, update to a version later than FW15 to resolve the issue. For WAGO 750-880/xxx-xxx versions FW4 through FW15, update to a version later than FW15 to resolve the issue. For WAGO 750-881 versions FW4 through FW15, update to a version later than FW15 to resolve the issue. For WAGO 750-889 versions FW4 through FW15, update to a version later than FW15 to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.