CVE-2023-5188

EPSS 0.38%
Veröffentlicht 05.12.2023 08:15:07
Zuletzt bearbeitet 21.11.2024 08:41:15
Quelle info@cert.vde.com
CVE-Watchlists
Login
Unerledigt
Login

WAGO Improper Input Validation in IEC61850 Server / Telecontrol

The MMS Interpreter of WagoAppRTU in versions below 1.4.6.0 which is used by the WAGO Telecontrol Configurator is vulnerable to malformed packets. An remote unauthenticated attacker could send specifically crafted packets that lead to a denial-of-service condition until restart of the affected device.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wago ≫ Telecontrol Configurator

Wago ≫ Wagoapprtu Version < 1.4.6.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.586

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
info@cert.vde.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://cert.vde.com/en/advisories/VDE-2023-044/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-5188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5188

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-5188