CVE-2019-5170

Name of the Vulnerable Software and Affected Versions WAGO PFC 200 Firmware version 03.02.02(14)

Description A command injection issue exists in the iocheckd service 'I/O-Check' function. This is due to the improper handling of a specially crafted XML cache file, which can be used to inject OS commands. An attacker can trigger the parsing of this cache file by sending a specially crafted packet. The hostname value extracted from the XML file is used as an argument to the /etc/config-tools/change hostname command, which is later executed via a call to system().

Recommendations For WAGO PFC 200 Firmware version 03.02.02(14), consider disabling the 'I/O-Check' function in the iocheckd service until a patch is available. Restrict access to the XML cache file location to minimize the risk of exploitation. Avoid using the hostname node in the XML file until the issue is resolved.