Sign-up

ID

VAR-201912-0774


CVE

CVE-2019-5075


TITLE

WAGO PFC200 Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // CNVD: CNVD-2019-46398

DESCRIPTION

An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. WAGO PFC 200 and PFC100 The firmware contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. WAGO PFC200 is a programmable logic controller (PLC) from the German company WAGO. WAGO PFC200 has a buffer overflow vulnerability

Trust: 2.34

sources: NVD: CVE-2019-5075 // JVNDB: JVNDB-2019-013745 // CNVD: CNVD-2019-46398 // IVD: 027060de-fc78-4359-ac1f-580c302f96c8

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // CNVD: CNVD-2019-46398

AFFECTED PRODUCTS

vendor:wagomodel:pfc200scope:eqversion:03.01.07(13)

Trust: 1.4

vendor:wagomodel:pfc200scope:eqversion:03.00.39(12)

Trust: 1.4

vendor:wagomodel:pfc100scope:eqversion:03.00.39(12)

Trust: 1.4

vendor:wagomodel:pfc 100scope:eqversion:03.00.39\(12\)

Trust: 1.0

vendor:wagomodel:pfc 200scope:eqversion:03.00.39\(12\)

Trust: 1.0

vendor:wagomodel:pfc 200scope:eqversion:03.01.07\(13\)

Trust: 1.0

vendor:pfc 200model: - scope:eqversion:03.00.39(12)

Trust: 0.2

vendor:pfc 200model: - scope:eqversion:03.01.07(13)

Trust: 0.2

vendor:pfc 100model: - scope:eqversion:03.00.39(12)

Trust: 0.2

sources: IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // CNVD: CNVD-2019-46398 // JVNDB: JVNDB-2019-013745 // NVD: CVE-2019-5075

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-5075
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-5075
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-46398
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201912-734
value: CRITICAL

Trust: 0.6

IVD: 027060de-fc78-4359-ac1f-580c302f96c8
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2019-5075
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-46398
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 027060de-fc78-4359-ac1f-580c302f96c8
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2019-5075
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-5075
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // CNVD: CNVD-2019-46398 // JVNDB: JVNDB-2019-013745 // CNNVD: CNNVD-201912-734 // NVD: CVE-2019-5075

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2019-013745 // NVD: CVE-2019-5075

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201912-734

TYPE

Buffer error

Trust: 0.8

sources: IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // CNNVD: CNNVD-201912-734

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-013745

PATCH
title:Top Pageurl:https://www.wago.com/us/
Trust: 0.8
title:WAGO PFC 200  and WAGO PFC100 Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106022
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-013745 // 
            
            
            
            CNNVD: CNNVD-201912-734

EXTERNAL IDS
db:NVDid:CVE-2019-5075
Trust: 3.2
db:TALOSid:TALOS-2019-0864
Trust: 3.0
db:CNVDid:CNVD-2019-46398
Trust: 0.8
db:CNNVDid:CNNVD-201912-734
Trust: 0.8
db:JVNDBid:JVNDB-2019-013745
Trust: 0.8
db:NSFOCUSid:47153
Trust: 0.6
db:AUSCERTid:ESB-2020.0842
Trust: 0.6
db:ICS CERTid:ICSA-20-065-01
Trust: 0.6
db:IVDid:027060DE-FC78-4359-AC1F-580C302F96C8
Trust: 0.2
sources:
            
            
            IVD: 027060de-fc78-4359-ac1f-580c302f96c8 // 
            
            
            
            CNVD: CNVD-2019-46398 // 
            
            
            
            JVNDB: JVNDB-2019-013745 // 
            
            
            
            CNNVD: CNNVD-201912-734 // 
            
            
            
            NVD: CVE-2019-5075

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2019-0864
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2019-5075
Trust: 1.4
url:https://www.talosintelligence.com/vulnerability_reports/talos-2019-0864
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5075
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-20-065-01
Trust: 0.6
url:http://www.nsfocus.net/vulndb/47153
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.0842/
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-46398 // 
            
            
            
            JVNDB: JVNDB-2019-013745 // 
            
            
            
            CNNVD: CNNVD-201912-734 // 
            
            
            
            NVD: CVE-2019-5075

CREDITS
Discovered by Kelly Leuschner of Cisco Talos
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201912-734

SOURCES
db:IVDid:027060de-fc78-4359-ac1f-580c302f96c8
db:CNVDid:CNVD-2019-46398
db:JVNDBid:JVNDB-2019-013745
db:CNNVDid:CNNVD-201912-734
db:NVDid:CVE-2019-5075

LAST UPDATE DATE
2024-11-23T21:51:49.310000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-46398date:2019-12-20T00:00:00
db:JVNDBid:JVNDB-2019-013745date:2020-01-16T00:00:00
db:CNNVDid:CNNVD-201912-734date:2020-08-25T00:00:00
db:NVDid:CVE-2019-5075date:2024-11-21T04:44:18.160

SOURCES RELEASE DATE
db:IVDid:027060de-fc78-4359-ac1f-580c302f96c8date:2019-12-20T00:00:00
db:CNVDid:CNVD-2019-46398date:2019-12-20T00:00:00
db:JVNDBid:JVNDB-2019-013745date:2020-01-16T00:00:00
db:CNNVDid:CNNVD-201912-734date:2019-12-16T00:00:00
db:NVDid:CVE-2019-5075date:2019-12-18T21:15:14.007