PT-2020-11105 · Wago · Wago Pfc 200

Published 2020-03-23 · Updated 2021-07-21 · CVE-2019-5186

CVSS v3.1: 7.0 High

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

WAGO PFC 200 (affected versions not specified)

Description

A stack buffer overflow exists in the "I/O-Check" functionality of the iocheckd service. It can be triggered by sending a specially crafted packet that causes the service to parse a cache file. The interface element name extracted from an XML file is used as an argument to the /etc/config-tools/config interfaces interface, and the string is built with sprintf(). If the interface value is greater than 512 characters in length, it overflows the destination buffer. strcpy() is later used to copy the contents of the overflowed buffer, which results in invalid memory access due to the lack of NULL termination. An interface value of length 0x3c4 can cause the service to crash.
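
The unbounded formatting pattern described above next to a bounded alternative, as an added example that is not WAGO's code and not part of the original entry. The function names and the CMD_PREFIX placeholder are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CMD_BUF_LEN 512  /* limit stated in the description */
/* Placeholder prefix constructed for this example, not the device's command line. */
#define CMD_PREFIX "CONFIG_TOOL_PLACEHOLDER interface="

/* Pattern the description names, kept for contrast and never called here:
 * sprintf() cannot know how large dst is, so a long name runs past its end. */
void build_cmd_unsafe(char *dst, const char *iface)
{
    sprintf(dst, CMD_PREFIX "%s", iface);
}

/* Bounded version. Returns 0 on success, -1 if the name is missing or the
 * command would not fit. On failure dst holds an empty string, so a later
 * strcpy() from it stays in bounds. */
int build_cmd_checked(char *dst, size_t dst_len, const char *iface)
{
    int n;

    if (dst == NULL || dst_len == 0)
        return -1;
    dst[0] = '\0';
    if (iface == NULL || iface[0] == '\0')
        return -1;
    /* snprintf() returns the length it needed; >= dst_len means the output
     * was truncated, which is rejected instead of being passed on. */
    n = snprintf(dst, dst_len, CMD_PREFIX "%s", iface);
    if (n < 0 || (size_t)n >= dst_len) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char name[0x3c4 + 1], cmd[CMD_BUF_LEN];

    memset(name, 'A', 0x3c4);   /* constructed input of the length the page cites */
    name[0x3c4] = '\0';
    printf("0x3c4-byte name: %s\n",
           build_cmd_checked(cmd, sizeof cmd, name) == 0 ? "accepted" : "rejected");
    printf("short name:      %s\n",
           build_cmd_checked(cmd, sizeof cmd, "X1") == 0 ? "accepted" : "rejected");
    return 0;
}
```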

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2019-5186

Affected Products

Wago Pfc 200