CVE-2019-5180

Name of the Vulnerable Software and Affected Versions WAGO PFC 200 Firmware version 03.02.02(14)

Description A stack buffer overflow issue exists in the iocheckd service, specifically in the 'I/O-Check' functionality. This can be triggered by sending a specially crafted packet, causing the parsing of a cache file. The sprintf() function is used to write to the destination buffer sp+0x440, which can be overflowed if the ip value is too long. For example, an ip value of length 0x3da can cause the service to crash.

Recommendations For WAGO PFC 200 Firmware version 03.02.02(14), consider restricting access to the iocheckd service until a patch is available. As a temporary workaround, avoid using ip values that are greater than 1024-len('/etc/config-tools/config interfaces interface=X1 state=enabled ip-address=') in length to prevent the buffer overflow.