CVE-2021-21000: WAGO: PFC200 Denial of Service due to the number of connections to the runtime
First published: Mon May 24 2021(Updated: )
On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.
Credit: info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WAGO 750-823 firmware | <=fw07 | |
| WAGO 750-823 firmware | ||
| WAGO 750-829 firmware | <=fw14 | |
| WAGO 750-829 firmware | ||
| WAGO Ethernet Firmware | <=fw14 | |
| WAGO 750-831 firmware | ||
| WAGO 750-832/000-002 firmware | <=fw06 | |
| WAGO 750-xxx series firmware | ||
| WAGO 750-852 firmware | <=fw14 | |
| WAGO 750-xxx series firmware | ||
| WAGO 750-862 firmware | <=fw07 | |
| WAGO 750-xxx series firmware | ||
| WAGO 750-880/040-000 firmware | <=fw15 | |
| WAGO 750-880/040-000 | ||
| WAGO Ethernet Firmware | <=fw14 | |
| WAGO 750-881 firmware | ||
| WAGO 750-882 firmware | <=fw14 | |
| WAGO 750-882 firmware | ||
| WAGO 750-885 firmware | <=fw14 | |
| WAGO 750-885 firmware | ||
| WAGO 750-889 firmware | <=fw14 | |
| WAGO 750-889 firmware | ||
| WAGO 750-890 Firmware | <=fw07 | |
| WAGO 750-890 firmware | ||
| WAGO 750-891 firmware | <=fw07 | |
| WAGO 750-891 firmware | ||
| WAGO Ethernet Firmware | <=fw07 | |
| WAGO 750-893 firmware | ||
| WAGO 750-8202/025-002 Firmware | <03.06.19_\(18\) | |
| WAGO 750-8202 Firmware | ||
| WAGO Ethernet Firmware | <03.06.19_\(18\) | |
| WAGO 750-8203 firmware | ||
| WAGO 750-8204 firmware | <03.06.19_\(18\) | |
| WAGO 750-8204/025-000 | ||
| WAGO 750-8206 firmware | <03.06.19_\(18\) | |
| WAGO 750-xxx series firmware | ||
| WAGO 750-8207 firmware | <03.06.19_\(18\) | |
| WAGO 750-8207/025-000 | ||
| WAGO 750-8208/025-001 firmware | <03.06.19_\(18\) | |
| WAGO 750-xxx series firmware | ||
| WAGO 750-8210/040-000 firmware | <03.06.19_\(18\) | |
| WAGO 750-8210 firmware | ||
| WAGO 750-8211/040-001 firmware | <03.06.19_\(18\) | |
| WAGO 750-8211/040-000 | ||
| WAGO 750-8212/025-002 firmware | <03.06.19_\(18\) | |
| Cisco 8212 | ||
| WAGO 750-8213/040-010 firmware | <03.06.19_\(18\) | |
| WAGO 750-8213/040-010 | ||
| WAGO 750-8214 firmware | <03.06.19_\(18\) | |
| WAGO 750-8214 firmware | ||
| WAGO 750-8216 firmware | <03.06.19_\(18\) | |
| WAGO 750-8216/040-000 | ||
| WAGO 750-8217 firmware | <03.06.19_\(18\) | |
| WAGO 750-8217 firmware |
Remedy
WAGO recommends all effected users with CODESYS 2.3 Runtime PLCs to update to the firmware versions listed at https://cert.vde.com/en-us/advisories/vde-2021-014 in the solution paragraph.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-21000.
What is the severity level of CVE-2021-21000?
CVE-2021-21000 has a severity level of 7.5 (High).
Which devices are affected by CVE-2021-21000?
WAGO PFC200 devices with different firmware versions are affected by CVE-2021-21000.
How can an attacker exploit this vulnerability?
An attacker with network access to the device can cause a denial of service for the login service of the runtime by sending specially crafted packets.
Is there a fix available for CVE-2021-21000?
At the moment, there is no information available about a fix for CVE-2021-21000. Please refer to the provided reference for updates.
- agent/type
- agent/remedy
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/wago
- canonical/wago 750-823 firmware
- version/wago 750-823 firmware/fw07
- canonical/wago 750-829 firmware
- version/wago 750-829 firmware/fw14
- canonical/wago ethernet firmware
- version/wago ethernet firmware/fw14
- canonical/wago 750-831 firmware
- canonical/wago 750-832/000-002 firmware
- version/wago 750-832/000-002 firmware/fw06
- canonical/wago 750-xxx series firmware
- canonical/wago 750-852 firmware
- version/wago 750-852 firmware/fw14
- canonical/wago 750-862 firmware
- version/wago 750-862 firmware/fw07
- canonical/wago 750-880/040-000 firmware
- version/wago 750-880/040-000 firmware/fw15
- canonical/wago 750-880/040-000
- canonical/wago 750-881 firmware
- canonical/wago 750-882 firmware
- version/wago 750-882 firmware/fw14
- canonical/wago 750-885 firmware
- version/wago 750-885 firmware/fw14
- canonical/wago 750-889 firmware
- version/wago 750-889 firmware/fw14
- canonical/wago 750-890 firmware
- version/wago 750-890 firmware/fw07
- canonical/wago 750-891 firmware
- version/wago 750-891 firmware/fw07
- version/wago ethernet firmware/fw07
- canonical/wago 750-893 firmware
- canonical/wago 750-8202/025-002 firmware
- canonical/wago 750-8202 firmware
- canonical/wago 750-8203 firmware
- canonical/wago 750-8204 firmware
- canonical/wago 750-8204/025-000
- canonical/wago 750-8206 firmware
- canonical/wago 750-8207 firmware
- canonical/wago 750-8207/025-000
- canonical/wago 750-8208/025-001 firmware
- canonical/wago 750-8210/040-000 firmware
- canonical/wago 750-8210 firmware
- canonical/wago 750-8211/040-001 firmware
- canonical/wago 750-8211/040-000
- canonical/wago 750-8212/025-002 firmware
- canonical/cisco 8212
- canonical/wago 750-8213/040-010 firmware
- canonical/wago 750-8213/040-010
- canonical/wago 750-8214 firmware
- canonical/wago 750-8216 firmware
- canonical/wago 750-8216/040-000
- canonical/wago 750-8217 firmware