CVE-2019-5078

Name of the Vulnerable Software and Affected Versions WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12) WAGO PFC100 Firmware version 03.00.39(12)

Description A denial of service issue exists in the iocheckd service "I/O-Check" functionality. It can be triggered by a specially crafted set of packets, causing the device to enter an error state and cease all network communications. This can be done by sending unauthenticated packets.

Recommendations For WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), consider restricting access to the iocheckd service until a patch is available. For WAGO PFC100 Firmware version 03.00.39(12), consider restricting access to the iocheckd service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.