Details of VAR-202306-1706

ID

VAR-202306-1706

CVE

CVE-2023-1619

TITLE

plural WAGO Product input verification vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2023-017307

DESCRIPTION

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. 750-331 firmware, 750-8202 firmware, 750-8202/000-011 firmware etc. WAGO The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-1619 // JVNDB: JVNDB-2023-017307 // VULMON: CVE-2023-1619

AFFECTED PRODUCTS

vendor:	wago	model:	750-8217\/625-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-881	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8217	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8217\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/040-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8203\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8211	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-832	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-885	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-852	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8202\/000-011	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8210\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8203	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-880\/025-001	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8207\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/040-010	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-831	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8202\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/000-012	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8214	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8211	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8207\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8213\/040-010	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8213	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-890	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8212\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-885\/025-000	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-890\/025-000	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-831\/000-002	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8203	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-880\/025-000	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8215	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/040-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8217\/625-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8211\/040-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-893	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8202\/025-002	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8210	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8204	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8203\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8211\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-002	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-890\/025-001	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-829	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-890\/025-002	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8206\/040-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/040-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/040-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/000-100	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-862	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8202\/000-022	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8211\/040-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8207\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-889	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8211\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/000-012	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8208\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8214	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8207\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8210\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-880\/025-002	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8207	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8204\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8208	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8208\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-331	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8217	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/025-002	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8207	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8204	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8210	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-002	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8217\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-882	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8204\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/040-010	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-832\/000-002	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8202\/040-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8210\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/040-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8208\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/025-001	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8208	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/000-100	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8217\/600-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8206\/025-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8212\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-880	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8208\/025-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8216\/025-001	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-880\/040-000	scope:	lt	version:	fw17	Trust: 1.0
vendor:	wago	model:	750-8215	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202\/000-022	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8217\/600-000	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-891	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8212	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8213\/040-010	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8213	scope:	eq	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-823	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8202\/000-011	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-890\/040-000	scope:	lt	version:	fw11	Trust: 1.0
vendor:	wago	model:	750-8210\/040-000	scope:	lt	version:	fw22	Trust: 1.0
vendor:	wago	model:	750-8202/000-022	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/025-001	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/000-012	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/000-011	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-331	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8203	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/025-002	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/040-001	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/025-000	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202	scope:	-	version:	-	Trust: 0.8
vendor:	wago	model:	750-8202/040-000	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-017307 // NVD: CVE-2023-1619

CVSS

SEVERITY

CVSSV2

CVSSV3

info@cert.vde.com:	CVE-2023-1619
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2023-017307
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202306-1818
value:	MEDIUM
Trust: 0.6

info@cert.vde.com:	CVE-2023-1619
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2023-017307
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-017307 // CNNVD: CNNVD-202306-1818 // NVD: CVE-2023-1619

PROBLEMTYPE DATA

problemtype:	CWE-1288	Trust: 1.0
problemtype:	Inappropriate input confirmation (CWE-20) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-017307 // NVD: CVE-2023-1619

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-1818

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202306-1818

PATCH

title:

WAGO Enter the fix for the verification error vulnerability

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=242927

Trust: 0.6

sources: CNNVD: CNNVD-202306-1818

EXTERNAL IDS

db:	NVD	id:	CVE-2023-1619	Trust: 3.3
db:	CERT@VDE	id:	VDE-2023-006	Trust: 2.5
db:	JVNDB	id:	JVNDB-2023-017307	Trust: 0.8
db:	CNNVD	id:	CNNVD-202306-1818	Trust: 0.6
db:	VULMON	id:	CVE-2023-1619	Trust: 0.1

sources: VULMON: CVE-2023-1619 // JVNDB: JVNDB-2023-017307 // CNNVD: CNNVD-202306-1818 // NVD: CVE-2023-1619

REFERENCES

url:	https://cert.vde.com/en/advisories/vde-2023-006/	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2023-1619	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-1619/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2023-1619 // JVNDB: JVNDB-2023-017307 // CNNVD: CNNVD-202306-1818 // NVD: CVE-2023-1619

SOURCES

db:	VULMON	id:	CVE-2023-1619
db:	JVNDB	id:	JVNDB-2023-017307
db:	CNNVD	id:	CNNVD-202306-1818
db:	NVD	id:	CVE-2023-1619

LAST UPDATE DATE

2024-10-02T23:15:32.440000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2023-1619	date:	2023-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2023-017307	date:	2024-01-05T08:17:00
db:	CNNVD	id:	CNNVD-202306-1818	date:	2023-06-27T00:00:00
db:	NVD	id:	CVE-2023-1619	date:	2024-10-02T06:15:05.420

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2023-1619	date:	2023-06-26T00:00:00
db:	JVNDB	id:	JVNDB-2023-017307	date:	2024-01-05T00:00:00
db:	CNNVD	id:	CNNVD-202306-1818	date:	2023-06-26T00:00:00
db:	NVD	id:	CVE-2023-1619	date:	2023-06-26T07:15:09.090