Details of VAR-202003-0683

ID

VAR-202003-0683

CVE

CVE-2019-5161

TITLE

WAGO PFC 200 Data Forgery Vulnerability

Trust: 1.0

sources: IVD: 835c124b-37aa-420f-8f53-faf79fa84dd6 // IVD: 35746fb2-1ff7-4d67-95b5-9ccaffc74697 // CNVD: CNVD-2020-17491

DESCRIPTION

An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. WAGO PFC 200 Exists in an inadequate validation of data reliability vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. WAGO PFC 200 is a programmable logic controller (PLC) of the German WAGO company

Trust: 2.52

sources: NVD: CVE-2019-5161 // JVNDB: JVNDB-2019-014881 // CNVD: CNVD-2020-17491 // IVD: 835c124b-37aa-420f-8f53-faf79fa84dd6 // IVD: 35746fb2-1ff7-4d67-95b5-9ccaffc74697

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.4

sources: IVD: 835c124b-37aa-420f-8f53-faf79fa84dd6 // IVD: 35746fb2-1ff7-4d67-95b5-9ccaffc74697 // CNVD: CNVD-2020-17491

AFFECTED PRODUCTS

vendor:	wago	model:	pfc200	scope:	eq	version:	03.01.07(13)	Trust: 1.4
vendor:	wago	model:	pfc200	scope:	eq	version:	03.00.39(12)	Trust: 1.4
vendor:	wago	model:	pfc200	scope:	eq	version:	03.02.02(14)	Trust: 1.4
vendor:	wago	model:	pfc200	scope:	eq	version:	03.01.07\(13\)	Trust: 1.0
vendor:	wago	model:	pfc200	scope:	eq	version:	03.02.02\(14\)	Trust: 1.0
vendor:	wago	model:	pfc200	scope:	eq	version:	03.00.39\(12\)	Trust: 1.0
vendor:	pfc200	model:	-	scope:	eq	version:	03.00.39(12)	Trust: 0.4
vendor:	pfc200	model:	-	scope:	eq	version:	03.01.07(13)	Trust: 0.4
vendor:	pfc200	model:	-	scope:	eq	version:	03.02.02(14)	Trust: 0.4

sources: IVD: 835c124b-37aa-420f-8f53-faf79fa84dd6 // IVD: 35746fb2-1ff7-4d67-95b5-9ccaffc74697 // CNVD: CNVD-2020-17491 // JVNDB: JVNDB-2019-014881 // NVD: CVE-2019-5161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-5161
value:	CRITICAL
Trust: 1.0
NVD:	JVNDB-2019-014881
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2020-17491
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202003-328
value:	CRITICAL
Trust: 0.6
IVD:	835c124b-37aa-420f-8f53-faf79fa84dd6
value:	HIGH
Trust: 0.2
IVD:	35746fb2-1ff7-4d67-95b5-9ccaffc74697
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2019-5161
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2019-014881
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-17491
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	835c124b-37aa-420f-8f53-faf79fa84dd6
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	35746fb2-1ff7-4d67-95b5-9ccaffc74697
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2019-5161
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.3
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	JVNDB-2019-014881
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 835c124b-37aa-420f-8f53-faf79fa84dd6 // IVD: 35746fb2-1ff7-4d67-95b5-9ccaffc74697 // CNVD: CNVD-2020-17491 // JVNDB: JVNDB-2019-014881 // CNNVD: CNNVD-202003-328 // NVD: CVE-2019-5161

PROBLEMTYPE DATA

problemtype:

CWE-345

Trust: 1.8

sources: JVNDB: JVNDB-2019-014881 // NVD: CVE-2019-5161

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-328

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202003-328

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-014881

PATCH

title:

Top Page

url:

https://www.wago.com/us/

Trust: 0.8

sources: JVNDB: JVNDB-2019-014881

EXTERNAL IDS

db:	NVD	id:	CVE-2019-5161	Trust: 3.4
db:	TALOS	id:	TALOS-2019-0954	Trust: 2.4
db:	CNVD	id:	CNVD-2020-17491	Trust: 1.0
db:	CNNVD	id:	CNNVD-202003-328	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-014881	Trust: 0.8
db:	IVD	id:	835C124B-37AA-420F-8F53-FAF79FA84DD6	Trust: 0.2
db:	IVD	id:	35746FB2-1FF7-4D67-95B5-9CCAFFC74697	Trust: 0.2

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2019-0954	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5161	Trust: 2.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5161	Trust: 0.8

sources: CNVD: CNVD-2020-17491 // JVNDB: JVNDB-2019-014881 // CNNVD: CNNVD-202003-328 // NVD: CVE-2019-5161

SOURCES

db:	IVD	id:	835c124b-37aa-420f-8f53-faf79fa84dd6
db:	IVD	id:	35746fb2-1ff7-4d67-95b5-9ccaffc74697
db:	CNVD	id:	CNVD-2020-17491
db:	JVNDB	id:	JVNDB-2019-014881
db:	CNNVD	id:	CNNVD-202003-328
db:	NVD	id:	CVE-2019-5161

LAST UPDATE DATE

2024-11-23T22:25:35.330000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-17491	date:	2020-03-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-014881	date:	2020-03-25T00:00:00
db:	CNNVD	id:	CNNVD-202003-328	date:	2020-03-16T00:00:00
db:	NVD	id:	CVE-2019-5161	date:	2024-11-21T04:44:28.010

SOURCES RELEASE DATE

db:	IVD	id:	835c124b-37aa-420f-8f53-faf79fa84dd6	date:	2020-03-09T00:00:00
db:	IVD	id:	35746fb2-1ff7-4d67-95b5-9ccaffc74697	date:	2020-03-09T00:00:00
db:	CNVD	id:	CNVD-2020-17491	date:	2020-03-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-014881	date:	2020-03-25T00:00:00
db:	CNNVD	id:	CNNVD-202003-328	date:	2020-03-09T00:00:00
db:	NVD	id:	CVE-2019-5161	date:	2020-03-11T22:27:41.160