First published: Tue Aug 31 2021(Updated: )
Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device.
Credit: info@cert.vde.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wago 750-880\/040-000 Firmware | >=fw4<=fw15 | |
Wago 750-880\/040-000 | ||
Wago 750-880\/025-002 Firmware | >=fw4<=fw15 | |
Wago 750-880\/025-002 | ||
Wago 750-880\/025-001 Firmware | >=fw4<=fw15 | |
Wago 750-880\/025-001 | ||
Wago 750-880\/025-000 Firmware | >=fw4<=fw15 | |
Wago 750-880\/025-000 | ||
Wago 750-831\/000-002 Firmware | >=fw4<=fw15 | |
Wago 750-831\/000-002 | ||
Wago 750-889 Firmware | >=fw4<=fw15 | |
WAGO 750-889 | ||
Wago 750-881 Firmware | >=fw4<=fw15 | |
WAGO 750-881 | ||
Wago 750-831 Firmware | >=fw4<=fw15 | |
WAGO 750-831 | ||
Wago 750-880 Firmware | >=fw4<=fw15 | |
WAGO 750-880 |
Update the device to the latest FW version ( >FW15 ).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-34581.
The title of the vulnerability is 'Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO...'
The severity of CVE-2021-34581 is high with a severity value of 7.5.
Versions FW4 up to FW15 of Wago 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 are affected by CVE-2021-34581.
An unauthenticated attacker can exploit CVE-2021-34581 to cause a Denial of Service (DoS) on the device.
You can find more information about CVE-2021-34581 at the following reference: https://cert.vde.com/en-us/advisories/vde-2021-038