CVE-2023-5188

EPSS 0.38%
Published 05.12.2023 08:15:07
Last modified 21.11.2024 08:41:15
Source info@cert.vde.com
Teams watchlist Login
Open Login

The MMS Interpreter of WagoAppRTU in versions below 1.4.6.0 which is used by the WAGO Telecontrol Configurator is vulnerable to malformed packets. An remote unauthenticated attacker could send specifically crafted packets that lead to a denial-of-service condition until restart of the affected device.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Wago ≫ Telecontrol Configurator

Wago ≫ Wagoapprtu Version < 1.4.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.581

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
info@cert.vde.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://cert.vde.com/en/advisories/VDE-2023-044/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-5188

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5188

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5188

EUVD