CVE-2019-5172

Name of the Vulnerable Software and Affected Versions WAGO PFC 200 Firmware version 03.02.02(14)

Description A command injection issue exists in the iocheckd service 'I/O-Check' function. An attacker can send a specially crafted packet to trigger the parsing of a cache file. The extracted ntp value from an XML file is used as an argument to the /etc/config-tools/config sntp command, which is later executed via a call to system(). This process is done in a loop with no limit on the number of ntp entries parsed from the XML file.

Recommendations For WAGO PFC 200 Firmware version 03.02.02(14), consider disabling the 'I/O-Check' function in the iocheckd service until a patch is available to prevent exploitation. Restrict access to the /etc/config-tools/config sntp command to minimize the risk of exploitation. Avoid using the ntp value from the XML file in the affected command until the issue is resolved.