CVE-2020-12505

Name of the Vulnerable Software and Affected Versions WAGO 750-8XX series versions FW07 and prior versions WAGO 750-852 versions FW07 and prior versions WAGO 750-880/xxx-xxx versions FW07 and prior versions WAGO 750-881 versions FW07 and prior versions WAGO 750-831/xxx-xxx versions FW07 and prior versions WAGO 750-882 versions FW07 and prior versions WAGO 750-885/xxx-xxx versions FW07 and prior versions WAGO 750-889 versions FW07 and prior versions

Description The issue is related to improper authentication in the WAGO ethernet controller, allowing a remote attacker to change some special parameters without authentication. This can be exploited by an attacker to modify certain settings.

Recommendations For WAGO 750-8XX series versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-852 versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-880/xxx-xxx versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-881 versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-831/xxx-xxx versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-882 versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-885/xxx-xxx versions FW07 and prior versions, update to a version above FW07 to resolve the issue. For WAGO 750-889 versions FW07 and prior versions, update to a version above FW07 to resolve the issue.