What is the severity of CVE-2019-12549?

CVE-2019-12549 has a severity rating indicating significant risk due to hardcoded private keys in affected WAGO devices.

How do I fix CVE-2019-12549?

To fix CVE-2019-12549, update the firmware of the affected WAGO devices to the latest version provided by the manufacturer.

Which WAGO devices are impacted by CVE-2019-12549?

CVE-2019-12549 affects WAGO 852-303, 852-1305, and 852-1505 devices with specific firmware versions prior to their respective updates.

What are the consequences of CVE-2019-12549?

The consequences of CVE-2019-12549 include potential unauthorized access through the SSH daemon due to the presence of hardcoded keys.

Is there a workaround for CVE-2019-12549?

A temporary workaround for CVE-2019-12549 includes restricting network access to the affected devices until firmware updates can be applied.

Vulnerability/
CVE-2019-12549

critical

CWE

798

17/6/2019

4/8/2024

CVE-2019-12549

First published: Mon Jun 17 2019(Updated: )

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
WAGO 852-303	<1.2.2.s0
Wago 852-303 Firmware
Wago 852-1305	<1.1.6.s0
Wago 852-1305 Firmware
Wago 852-1505	<1.1.5.s0
Wago 852-1505 Firmware

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2019-12549?
CVE-2019-12549 has a severity rating indicating significant risk due to hardcoded private keys in affected WAGO devices.
How do I fix CVE-2019-12549?
To fix CVE-2019-12549, update the firmware of the affected WAGO devices to the latest version provided by the manufacturer.
Which WAGO devices are impacted by CVE-2019-12549?
CVE-2019-12549 affects WAGO 852-303, 852-1305, and 852-1505 devices with specific firmware versions prior to their respective updates.
What are the consequences of CVE-2019-12549?
The consequences of CVE-2019-12549 include potential unauthorized access through the SSH daemon due to the presence of hardcoded keys.
Is there a workaround for CVE-2019-12549?
A temporary workaround for CVE-2019-12549 includes restricting network access to the affected devices until firmware updates can be applied.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/last-modified-date
agent/weakness
agent/author
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/wago
canonical/wago 852-303
canonical/wago 852-303 firmware
canonical/wago 852-1305
canonical/wago 852-1305 firmware
canonical/wago 852-1505
canonical/wago 852-1505 firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.