PT-2022-6077 · WAGO · WAGO PFC100/PFC200 +3

Published 2022-10-17 · Updated 2022-11-04 · CVE-2022-3281

CVSS v2.0: 7.8 High
Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions

WAGO PFC100/PFC200 (affected versions not specified)
WAGO Touch Panel 600 (affected versions not specified)
WAGO Compact Controller CC100 (affected versions not specified)
WAGO Edge Controller (affected versions not specified)

Description

The issue is related to an incorrectly implemented MAC address filtering function in the software of WAGO programmable logic controllers and touch panel devices. This may allow a remote attacker to bypass security restrictions after a reboot, potentially reaching a network that should be protected by the MAC address filter.

Recommendations

For WAGO PFC100/PFC200, consider disabling the MAC address filtering function until a patch is available. For WAGO Touch Panel 600, restrict access to the network until the issue is resolved. For WAGO Compact Controller CC100 and Edge Controller, avoid using the devices in sensitive networks until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2023-00012
CVE-2022-3281

Affected Products

Compact Controller CC100
WAGO Edge Controller
WAGO PFC100/PFC200
WAGO Touch Panel 600